Re: [NSE] NTP Peer Listing

[jah <jah () zadkiel plus com>]

On 15/05/2010 03:50, David Fifield wrote:
> jah, you mentioned that you had trouble with Nsock and decided to use
> raw sockets and pcap to do the sending and receiving. Can you tell more
> about that? Were you getting Nsock TIMEOUT errors? It should not be
> necessary to use raw sockets for this script. It might be a bug in Nsock
> that has to be fixed.
>   
The problem was that I assumed that comm.exchange would return all of
the datagrams the target sends, but in fact the connection is closed
once we've received just one datagram.  I don't think this is a bug in
Nsock; I think I need simply to call sock:receive_bytes(1) in a loop
until we get a timeout.

I'm thinking that comm.exchange should accept another option which will
cause Nsock to stick around for any further datagrams. Something along
the lines of 'udp_datagrams' or 'udp_packets' and which works in much
the same way as bytes and lines - i.e. you specify the minimum number of
bytes, lines, 'udp_packets' you want to receive and if there's more,
you'll get more.  The extra option will mean that only when a script
writer is expecting more than one datagram in response will they need to
incur the time penalty while we wait for the connection to time-out. 
Thoughts?

jah
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/