Hi!
I was thinking about raw sockets in Diman's NSE.
Unfortunately there are some architectural problems.
As for today NSE is using only NSOCK and only function
that is blocking in NSE is "nsock_loop".
In case of adding raw sockets we'll have to add support for:
- creating raw packets (libdnet?)
- capturing packets (libpcap)
We would need to listen to both nsock and pcap descriptors.
And here the problem comes. How to listen in the same
time for two blocking mechanisms nsock_loop and pcap_dispatch.
Solutions I can think about:
- modify nsock and support listening to pcap in nsock_loop
(I personally don't like this solution. I think that nsock
shouldn't be changed if possible.)
- run two threads of nmap. in one thread listen to nsock
in other listen to pcap.
(probably there will be huge compatibility problems with threads
and synchronization)
- set some custom flags on pcap descriptor and when
packet comes signal SIGIO will be triggered.
In signal handler do something to get out from nsock_loop function.
(this solution is also very os-dependant and some changes to nsock
will be needed)
- check for pcap events after nsock_loop() leaves after some time.
(some packets can be lost while nsock_loop() is working)
- extract socket descriptors from nsock and run select() on them and on pcap by hand.
(there will be complications with NSE_TYPE_TIMER events)
Anyone has idea?
Cheers!!
Marek Majkowski
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Received on Dec 11 2006
Intro
