for file in `grep "* including the terms and conditions of this license text as well. \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well. \*/* including the terms and conditions of this license text as well. */g" -i $file; done
This prevents potentially reading (and buffering) every input host while
looking for more targets to fill up the current hostgroup. One of the
criteria that can split hostgroups is interface. Suppose you have an
input list of targets whose interfaces are
eth0 eth0 eth0 wlan0 wlan0 wlan0 wlan0 wlan0 wlan0...
The first three eth0 will go in the first group, and then the following
wlan0 will start to be buffered while we look for more eth0. But we will
only look ahead 64 targets, then go ahead and scan the three eth0.
This allows some targets to be skipped over yet remembered so they can
be dealt with later. The idea is that because ping groups are not
allowed
to have duplicate IPs, we continue searching for non-duplicates in order
to fill up a ping group, then return to what were formerly duplicates.
This prevents potentially large ping groups from being split into small
groups.
For example, if the list of targets is
A B C D A B E A F G
the ping groups used to be
(A B C D) (A B E) (A F G)
but now they are
(A B C D E F G) (A B) (A]
A similar thing can be done for port scan hostgroups, but this already
does most of the work because ping groups are generally bigger than
hostgroups and have pretty much the same restrictions.
This is a refactoring of target parsing that stores different types of
target specifications as different classes. The eventual intention is to
allow easy iteration over each specification for the purpose of IPv6
multicast host discovery.
Importing the whole std namespace caused a problem with Clang and the
punning of bind and std::bind.
http://seclists.org/nmap-dev/2012/q4/58
The Web's opinion of "using namespace std" also seems to be more against
than for.
These options look contradictory, but --disable-arp-ping is really an
option to disable *implicit* ARP ping when you haven't asked for it.
Actually requesting ARP should still do ARP scan. The contradiction that
remains is the option name --disable-arp-ping, which doesn't exactly do
what it says.
The idea here is that you can just throw --disable-arp-ping at the end
of your command lines, and implicit ARP scan will always be disabled,
and any command using -PR will continue to work.
This element is intended to report information about command-line target
specifications. Now it's used with status="skipped" to indicate that a
specification was ignored.
Up to data structure differences. I'm not sure why they differed to
begin with, though I remember writing the comment that explains that
they differed. This is related to a problem reported by Daniel Miller:
http://seclists.org/nmap-dev/2012/q1/675.
The std::string was being created and deleted in a single statement, so
its c_str pointer pointed to freed memory. This could be seen with
valgrind nmap --exclude foo
scan. ARP scan had a hardcoded initial timeout of 100 ms, which could be
lower than the minimum requested. The default minimum timeout is also
100 ms, so this has no effect if --min-rtt-timeout is not used.
* Adding path-mtu.nse for Path MTU Discovery
* Nmap now stores the MTU for interfaces (from SIOCGIFMTU or libdnet)
* Scripts can access the MTU for host.interface via host.interface_mtu
* Nmap prints the MTU for interfaces in --iflist
targets.cc, and return false if it is so. This indicates that we are not
doing a raw scan. target->deviceName != NULL is necessary before
checking target->directlyConnected(), otherwise you get this assertion
failure when doing any non-root scan (such as -sT or -sL) as root with
two or more targets:
nmap: Target.cc:369: bool Target::directlyConnected() const: Assertion `directly_connected == 0 || directly_connected == 1' failed.
Aborted
This is how the logic originally worked, and I accidentally broke it in
r17892.
one already present in the current group. This is because ultra_scan
does not cope with multiple targets sharing the same IP address. However
this alone isn't enough to force a new host group, because the loop in
nmap.cc concatenates groups that nexthost splits apart, with its own
duplicate logic for breaking up groups.
different host group. Also insert the target into the group only after
we're sure we want it, instead of provisionally inserting it and then
removing it after we find it's unwanted.
