an older, slower packet capture mechanism on Linux. Before Linux
2.6.27, the packet ring mechanism uses different-sized kernel
structures on 32- and 64-bit architectures, so a 32-bit program will
not run correctly on a 64-bit kernel. The older mechanism does not
have this flaw.
says that the function could be outdated if IANA keeps assigning IP ranges,
but I update this function many times per year (usually consisting of more
than one IP block per update). So in case I somehow slack on my unofficial
job of updating this function, I note that it needs frequent attention.
allows setting the SO_BROADCAST option on sockets. Ncat now sets
this option unconditionally in connect mode to allow connections to
broadcast addresses (useful in UDP mode). This code was written by
Daniel Miller.
* Replace this pattern:
if ( isNumber_u32(optarg) ){
u32 aux32 = strtoul( optarg, NULL, 10);
...
}
with a function that checks for syntax and returns the value (i.e., a wrapper
around strtoul). There is nowhere that isNumber_u* is called without it being
immediately followed by a strtoul, outside of utils.cc.
single connection and then exit, just like in normal listen mode.
Use the --keep-open option to get the old default inetd-like
behavior. This was suggested by David Millis. [David]
o Nmap now works with "teamed" network interfaces on Windows. In order
to distinguish the interfaces, their textual descriptions are now
compared in addition to their MAC addresses. Without this, Nmap
would send on the wrong interface and not receive any replies. A
symptom of this problem was all scans failing except when
--unprivileged was used. Norris Carden reported this bug. [David]
o Made eth_get_pcap_devname compare interface descriptions as well as
MAC addresses when assigning interface names like eth0 on Windows.
Only comparing MAC addresses failed in the case of "teamed"
interfaces, when three interfaces (two physical, one virtual) could
have the same hardware address.
eth_get_pcap_devname as a wrapper.
In addition to the hardware address check, add a check of the textual interface
descriptions in order better to distinguish interfaces. It appears to me that
the pcap description (pdev->description) is the same as what is returned by a
call to PacketRequest with an OID of OID_GEN_FRIENDLY_NAME, so that's what I'm
comparing. That differs from OID_GEN_VENDOR_NAME, which is what you get in
ifrow.bDescr from GetIfTable.
We've found that simply comparing hardware addresses is not enough when using
Windows "teamed" (link-aggregated) interfaces. In a simple example, two NICs
are teamed together, leading to three interfaces visible to libdnet: the two
physical NICs and the virtual teamed interface. All three of these have the
same MAC address. What was happening was the eth0 interface was being assigned
to one of the physical NICs, packets were sent over it, but the replies were
not necessarily coming back to the same physical NIC.
