Re: Feature request

[David Fifield <david () bamsoftware com>]

On Wed, Sep 12, 2012 at 01:24:26PM -0500, Daniel Miller wrote:
> The patch attached here should make this work for every type of
> matching supported in the host filter (NetworkInventory class) as
> well as some other interface I couldn't find to test. It ended up
> being a bit larger than I thought, so I'm submitting here to let
> others take a look and test before I commit.
>
> Basic idea is that for any directive, including bare keywords, you
> can put an exclamation point ("!") in front of the search term to
> negate it. So "op:!22" matches hosts that do not have port 22 open.

Thanks for taking this patch. I think this is the wrong approach. This
bit of code is basically copied to a lot of places:

> +        found = True
> +        if keyword != "" and keyword[0] == "!":
> +            keyword = keyword[1:]
> +            found = False

This should be handled at a higher level, above where strings are passed
to the individual match_* methods. I think you rather want to check for
"!" in front of each arg here:

    def _match_all_args(self, operator, args):
        """A helper function that calls the matching function for the given
        operator and each of its arguments."""
        for arg in args:
            if not self.__getattribute__("match_%s" % operator)(arg):
                # No match for this operator
                return False

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/