proposal. This only affects Nmap's root directory. We might also need to
modify the code which autogenerates Nmap's source code files such as IPv6
fingerprinting code.
see http://seclists.org/nmap-dev/2013/q4/168
Move some includes out of nmap.h: nmap.h gets included lots of places,
and unconditionally included math.h, ctype.h, errno.h, stdio.h,
sys/stat.h, fcntl.h, sys/types.h, and stdarg.h. This commit moves those
includes into the .cc files where they are necessary and out of nmap.h
Remove redundant include global_structures.h, included from nmap.h
Removed redundant code included from nmap.h
Removing #include nbase.h when nmap.h is included (redundant)
Remove duplicate #include lines
Add ifndef guards to a few .h files
for file in `grep "* including the terms and conditions of this license text as well. \*" * -r --files-with-match `; do sed "s/\* including the terms and conditions of this license text as well. \*/* including the terms and conditions of this license text as well. */g" -i $file; done
This prevents potentially reading (and buffering) every input host while
looking for more targets to fill up the current hostgroup. One of the
criteria that can split hostgroups is interface. Suppose you have an
input list of targets whose interfaces are
eth0 eth0 eth0 wlan0 wlan0 wlan0 wlan0 wlan0 wlan0...
The first three eth0 will go in the first group, and then the following
wlan0 will start to be buffered while we look for more eth0. But we will
only look ahead 64 targets, then go ahead and scan the three eth0.
This allows some targets to be skipped over yet remembered so they can
be dealt with later. The idea is that because ping groups are not
allowed
to have duplicate IPs, we continue searching for non-duplicates in order
to fill up a ping group, then return to what were formerly duplicates.
This prevents potentially large ping groups from being split into small
groups.
For example, if the list of targets is
A B C D A B E A F G
the ping groups used to be
(A B C D) (A B E) (A F G)
but now they are
(A B C D E F G) (A B) (A]
A similar thing can be done for port scan hostgroups, but this already
does most of the work because ping groups are generally bigger than
hostgroups and have pretty much the same restrictions.
This is a refactoring of target parsing that stores different types of
target specifications as different classes. The eventual intention is to
allow easy iteration over each specification for the purpose of IPv6
multicast host discovery.
a layer 4 protocol used mostly for telephony related applications.
This brings the following new features:
o SCTP INIT chunk port scan (-sY): open ports return an INIT-ACK
chunk, closed ones an ABORT chunk. This is the SCTP equivalent
of a TCP SYN stealth scan.
o SCTP COOKIE-ECHO chunk port scan (-sZ): open ports are silent,
closed ports return an ABORT chunk.
o SCTP INIT chunk ping probes (-PY): host discovery using SCTP
INIT chunk packets.
o SCTP-specific IP protocol scan (-sO -p sctp).
o SCTP-specific traceroute support (--traceroute).
o The ability to use the deprecated Adler32 algorithm as specified
in RFC 2960 instead of CRC32C from RFC 4960 (--adler32).
o 42 well-known SCTP ports were added to the nmap-services file.
Part of the work on SCTP support was kindly sponsored by
Compass Security AG, Switzerland. [Daniel Roethlisberger]
This is the merging of the code that was previously in
/nmap-exp/david/nmap-massping-migration. These are all the big changes
that get rid of massping in favor of doing host discovery using
ultra_scan.
For now, there is a toggle that turns these new changes off. Undefine
NEW_MASSPING in targets.cc to go back to the old code. All of that will
be deleted eventually.
There are likely a few more changes that will be made to this system in
the near future. Those will be made in
/nmap-exp/david/nmap-massping-migration and merged back.
Don't release this just yet, because I'm going to make a few more
commits real quick to remove some debugging stuff.
(Note to self: this merge back was from r5693 in
/nmap-exp/david/nmap-massping-migration.)
