|
Nmap Development
mailing list archives
[PATCH] OpenBSD ioctl() performance improvement
From: doug () hcsw org
Date: Thu, 22 Feb 2007 14:55:14 -0800
Hi nmap-dev!
These past few days I've been porting a program of mine (nuff) to OpenBSD and I noticed an oddity in how OpenBSD
handles BPF descriptors. It turns out that (unlike linux) OpenBSD won't mark a descriptor readable (via select) as soon
as it receives a packet. Instead, It will wait until a buffer is full.
So under certain network conditions (ie very few packets on the wire matching your BPF filters) this can result in slow
scans on OpenBSD. Fortunatley, OpenBSD (and possibly other similar operating systems) let you override this behaviour
with a BIOCIMMEDIATE ioctl on the descriptor. I have tested this and found that using this results in faster scans than
the current (selectable fd) behaviour and the old (polling) behaviour.
I am attaching my current patch to nmap-4.21ALPHA1 but I don't think it's ready for incorporation yet. Here is what
remains to be done:
* Figure out what other operating systems will benefit from BIOCIMMEDIATE (I suspect at least NetBSD).
* Find a better way than the #define hack in my patch. The BIOCIMMEDIATE constant is straight out of OpenBSD's
/usr/include/net/bpf.h . Ideally we should #include <net/bpf.h> as described in OpenBSD's man bpf. I tried this but
some of the structures defined there conflict with the bpf.h that nmap currently includes.
If anybody has any ideas or suggestions regarding the above points please reply to nmap-dev!
Best,
Doug
Attachment:
nmap-4.21ALPHA1-openbsd-performance.patch
Description:
Attachment:
signature.asc
Description: Digital signature
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
 By Date 
By Thread
Current thread:
- [PATCH] OpenBSD ioctl() performance improvement doug (Feb 22)
| 
Intro
