is not printed unless there were other differences. This makes Nidff
produce no output when there wre no differences other than the version
number and date. Dr. Jesus contributed an initial patch. [David]
if there was only one extraports state, would create a Port object for
each scanned port that was not listed explictly. So for example, if a
scan of 100 ports had 5 open ports and an extraports of "filtered",
Ndiff would create 95 port records in the "filtered" state in addition
to the 5 "open". If there was more than one extraports state this was
not possible.
This turned out to be a slow operation, out of all proportion to its
utility. Here are times for a diff of random-1.xml and random-2.xml,
before and after:
real 0m11.912s
user 0m10.970s
sys 0m0.249s
real 0m0.773s
user 0m0.726s
sys 0m0.046s
In most cases extraports are not shown in the output, so this was wasted
effort. I know of only one place where it affected the output, when an
extraports in the A scan because a non-extraports in a different state
in the B scan. Then the previous state would be included in the <a>
port, where now it will just be listed without a state.
Remove OS "Linux 2.6.18 - 2.6.25".
Remove OS "Linux 2.6.8 - 2.6.20".
Remove OS "OpenWrt (Linux 2.6.19 - 2.6.21)".
Add OS "Archos 605 WiFi video player".
Add OS "Linux 2.6.27 (Ubuntu)".
Add OS "Linux 2.6.22".
Add OS "Linux 2.6.27".
from
21/tcp is open, was filtered.
23/tcp is open, was filtered.
80/tcp is open, was filtered.
8701/tcp is filtered, was open.
to
-21/tcp filtered
+21/tcp open ftp Netgear broadband router ftpd 1.0
-23/tcp filtered
+23/tcp open telnet Netgear broadband router admin telnetd
-80/tcp filtered
+80/tcp open http Embedded Allegro RomPager webserver 4.07 UPnP/1.0 (ZyXEL ZyWALL 2)
-8701/tcp open unknown
+8701/tcp filtered
the DiffHunk class with a type tag. Now output is handled with polymorphism
rather than dispatching with if/else. It also better shows what members each
hunk type has.
exception message rather than the whole exception tuple. This changes
./ndiff: ('option --foo not recognized', 'foo')
to
./ndiff: option --foo not recognized
happens when a host was scanned in the A scan but wasn't scanned in the B scan.
I previously had it ignore such changes using the logic that the diff should be
like scan aggregation: no new information means no state change. But I think
it's more useful to see those changes in which hosts were scanned.
This is analogous to r10263, which did the same thing for port state changes.
did this with the idea of making diffing like scan aggregation, with known
characteristics carrying forward through unknown. But it can be confusing. I
think when you diff
nmap scanme.nmap.org
and
nmap -F scanme.nmap.org
you want to see that the gopher port changes from closed to unknown, because
it's not scanned by fast scan.
