Is this discussed before? If the answer came from someone else (it's
rare but I have encountered it) the port is filtered in my vocabulary.
Is the current behaviour intended for some reason? I will change it in
my forthcoming intermediate-patch but this particular line looks like a
bug to me and maybe should go into the official nmap.
diff -ruB nmap-3.10ALPHA4/scan_engine.cc
nmap-3.10ALPHA4-interm/scan_engine.cc
--- nmap-3.10ALPHA4/scan_engine.cc Mon Sep 16 06:39:58 2002
+++ nmap-3.10ALPHA4-interm/scan_engine.cc Mon Dec 2 10:31:16 2002
@@ -1539,7 +1539,8 @@
break;
case 3: /* p0rt unreachable */
- if (scantype == UDP_SCAN) {
+ if (scantype == UDP_SCAN && ip->ip_src.s_addr ==
+ target->v4host().s_addr) {
newstate = PORT_CLOSED;
} else newstate = PORT_FIREWALLED;
break;
[The above is hacked for better viewing so it may not be usable with patch]
---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to
nmap-dev-help_at_insecure.org . List run by ezmlm-idx (www.ezmlm.org).
Received on Dec 02 2002
Intro
