matches, but keep searching in case there's an interface where both the
hardware address and description string match.
Matching only on the hardware address is not sufficient, because several
interfaces will have the same address in the case of interface teaming.
See the log message for r17542.
But this revision broke interface matching for Luis MartinGarcia and Rob
Nicholls. For Luis, the call to PacketRequest with OID_GEN_FRIENDLY_NAME
was failing. For Rob, the friendly name differed slightly from the
description provided by libpcap. This change makes a hardware address
match good enough but will prefer a description match too.
o Made eth_get_pcap_devname compare interface descriptions as well as
MAC addresses when assigning interface names like eth0 on Windows.
Only comparing MAC addresses failed in the case of "teamed"
interfaces, when three interfaces (two physical, one virtual) could
have the same hardware address.
eth_get_pcap_devname as a wrapper.
In addition to the hardware address check, add a check of the textual interface
descriptions in order better to distinguish interfaces. It appears to me that
the pcap description (pdev->description) is the same as what is returned by a
call to PacketRequest with an OID of OID_GEN_FRIENDLY_NAME, so that's what I'm
comparing. That differs from OID_GEN_VENDOR_NAME, which is what you get in
ifrow.bDescr from GetIfTable.
We've found that simply comparing hardware addresses is not enough when using
Windows "teamed" (link-aggregated) interfaces. In a simple example, two NICs
are teamed together, leading to three interfaces visible to libdnet: the two
physical NICs and the virtual teamed interface. All three of these have the
same MAC address. What was happening was the eth0 interface was being assigned
to one of the physical NICs, packets were sent over it, but the replies were
not necessarily coming back to the same physical NIC.
versions of OpenSolaris (I tested snv_134) also support PF_PACKET, but
not in an entirely compatible way. The configure check was making the
build use eth-linux.c, which doesn't compile under OpenSolaris. This
change makes OpenSolaris fall back to eth-dlpi.c, which works. The
report about this was sent by Darren Reed.
than one string of digits. Joe Dietz reported that an interface with
the name e1000g0 was causing the error message
Warning: Unable to open interface e1000g0 -- skipping it.
on Solaris 9. [David]
to <socket.h>, when doing the test for socklen_t. Apparently OpenBSD has
it in <sys/types.h> and it causes a build failure later if we detect
that the type is not present.
which have been merged to the upstream libdnet repository and thus
do not have to be re-applied when the libdnet version included with
Nmap is updated in the future.
a layer 4 protocol used mostly for telephony related applications.
This brings the following new features:
o SCTP INIT chunk port scan (-sY): open ports return an INIT-ACK
chunk, closed ones an ABORT chunk. This is the SCTP equivalent
of a TCP SYN stealth scan.
o SCTP COOKIE-ECHO chunk port scan (-sZ): open ports are silent,
closed ports return an ABORT chunk.
o SCTP INIT chunk ping probes (-PY): host discovery using SCTP
INIT chunk packets.
o SCTP-specific IP protocol scan (-sO -p sctp).
o SCTP-specific traceroute support (--traceroute).
o The ability to use the deprecated Adler32 algorithm as specified
in RFC 2960 instead of CRC32C from RFC 4960 (--adler32).
o 42 well-known SCTP ports were added to the nmap-services file.
Part of the work on SCTP support was kindly sponsored by
Compass Security AG, Switzerland. [Daniel Roethlisberger]
addr_stob didn't handle the special case of the sa_len member of
struct sockaddr being equal to 0 and accessed unrelated memory past
the end of the sockaddr. A symptom of this was the fatal error
nexthost: failed to determine route to ...
which was caused by the default route being assigned a netmask other
than 0.0.0.0.
when I adapted some libdnet 1.11 code to convert a dnet name to a pcap name by
matching hardware addresses. I removed an earlier comment that this one
supersedes.
Visual C++ 2008 runtime components if they aren't already installed
on a system. These are some reasonably small DLLs that are
generally necessary for applications compiled with Visual C++ (with
dynamic linking). Many or most systems already have these installed
from other software packages. The lack of these components led to
the error message "The Application failed to intialize properly
(0xc0150002)." with Nmap 4.65. A related change is that Nmap on
Windows is now compiled with /MD rather than /MT so that it
consistently uses these runtime libraries. The patch was created by
Rob Nicholls.
addresses if matching IP addresses fails. I have a feeling this is more
reliable than matching IP addresses, but as I'm not sure, I have made it the
backup so that nothing will stop working that was working before. The MAC
address matching works fine for me if I disable the IP address matching. The
code is adapted from libdnet 1.11.
all of the dnet device's addresses, not just the first one. This is a long shot
to fix the "dnet: Failed to open eth4" problem on Vista, but it's the right
thing anyway.
Ensuring the safety of assert() calls by keeping NDEBUG undefined throughout
Nmap, Nbase and Nsock.
I've tested this on Linux and Windows XP without problems. On Windows I've
removed the definitions of _DEBUG and NDEBUG from the *.vcproj files.
recognize devices with type INTF_TYPE_IEEE80211 as Ethernet devices.
This ought to make wireless network scanning work on Windows Vista. For
more background see http://seclists.org/nmap-dev/2007/q4/0391.html.
ltmain.sh, and missing from subdirectories. Autoconf automatically looks
in the parent directory for these files. I had to copy the files
depcomp, ltmain.sh, and missing into the root of the source tree.
(These get mapped to interfaces beginning with "net": net0, net1, etc.) I
originally planned to make this a debugging message to be displayed at a
certain debuggin level whether the interface type is recognized or not. It
looked to be a pain to give libdnet visibility of Nmap debugging level, so
instead it just prints a message to stderr only when the interface type is
unrecognized.
