diff --git a/FPEngine.cc b/FPEngine.cc index bfa5d68..acab965 100644 --- a/FPEngine.cc +++ b/FPEngine.cc @@ -130,6 +130,7 @@ #include "nmap_error.h" #include "osscan.h" #include "linear.h" +#include "FPModel.h" extern NmapOps o; @@ -697,14 +698,6 @@ FPEngine6::~FPEngine6() { } - -/* From FPModel.cc. */ -extern struct model FPModel; -extern double FPscale[][2]; -extern double FPmean[][659]; -extern double FPvariance[][659]; -extern FingerMatch FPmatches[]; - /* Not all operating systems allow setting the flow label in outgoing packets; notably all Unixes other than Linux when using raw sockets. This function finds out whether the flow labels we set are likely really being sent. @@ -784,6 +777,27 @@ static double vectorize_tc(const PacketElement *pe) { return ipv6->getTrafficClass(); } +static double vectorize_hlim(const PacketElement *pe) { + const IPv6Header *ipv6; + + ipv6 = find_ipv6(pe); + if (ipv6 == NULL) + return -1; + else { + int hlim = ipv6->getHopLimit(); + if (hlim > 128) + return 1; // class of 255 + else if (hlim > 64) + return 2; // class of 128 + else if (hlim > 32) + return 3; // class of 64 + else if (hlim > 0) + return 4; // class of 32 + else + return -1; + } +} + static double vectorize_isr(std::map& resps) { const char * const SEQ_PROBE_NAMES[] = {"S1", "S2", "S3", "S4", "S5", "S6"}; u32 seqs[NELEMS(SEQ_PROBE_NAMES)]; @@ -857,6 +871,7 @@ static struct feature_node *vectorize(const FingerPrintResultsIPv6 *FPR) { probe_name = IPV6_PROBE_NAMES[i]; features[idx++].value = vectorize_plen(resps[probe_name].getPacket()); features[idx++].value = vectorize_tc(resps[probe_name].getPacket()); + features[idx++].value = vectorize_hlim(resps[probe_name].getPacket()); } /* TCP features */ features[idx++].value = vectorize_isr(resps); diff --git a/FPModel.h b/FPModel.h new file mode 100644 index 0000000..868bd5b --- /dev/null +++ b/FPModel.h @@ -0,0 +1,10 @@ +#ifndef _FPMODEL_H_ +#define _FPMODEL_H_ + +extern struct model FPModel; +extern double FPscale[][2]; +extern double FPmean[][676]; +extern double FPvariance[][676]; +extern FingerMatch FPmatches[]; + +#endif