Nmap Development mailing list archives
Re: Nmap Attack Scripting Language (NASL)
From: Diman Todorov <diman () xover mud at>
Date: Tue, 23 May 2006 10:31:01 +0200
Arun,
Aren't you talking of something similar to a plugin based architecture?
Yep, that's the idea.
Why don't we invest in building the architecture in C itself? I mean projects like ethereal have done it successfully. Why should we add a language and take away the programmers freedom?
If an embedded language is added, most of the required structure for a module API has to be constructed as well. It is a side product so to say.
Or better still I think it should be a plugin architecture with plugins possible in various languages. For the ambitious ones, they could do it in C and for people with less time it could be some simple script like plugin.
This sounds good to me, I second it. Further, Another problem I see with Swig based extension is that at least as far as I can see Swig doesn't provide thread safety (please correct me if you think otherwise). Since performance is critical in Nmap it is nice to be able to execute multiple instances of the script at the same time. For an exhaustive reference of the Lua functionality please skim through the index of the online Lua book http://www.lua.org/pil/ Note that unlike Swig based implementations you don't have to write glue code in an interface syntax to use Lua's datatypes from c. While Swig cuts down on development time for wrapping code, Lua takes it one step further and eliminates the whole 'yet another meta language' mumbo jumbo. There is nevertheless one last reason for which I wouldn't go for Swig. Last time I used Swig (with Ruby) the only method to call Ruby code was through c callbacks. At least to my knowledge TCL has the same constraint ( http:// wiki.tcl.tk/1819 ) What we need is a language to extend Nmap. Extending a language with an Nmap API is another project entirely (see Fyodors pointers to CRAN). Without a way to execute scripts from the c side (except by asking the underlying system to do so) I don't see an elegant way to embed a language into Nmap. cheers Diman _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- RE: Nmap Attack Scripting Language (NASL), (continued)
- RE: Nmap Attack Scripting Language (NASL) Arun Vishwanathan (May 22)
- RE: Nmap Attack Scripting Language (NASL) Brandon Enright (May 22)
- RE: Nmap Attack Scripting Language (NASL) Arun Vishwanathan (May 22)
- Re: Nmap Attack Scripting Language (NASL) Paul Rigor (May 22)
- Re: Nmap Attack Scripting Language (NASL) David Warde-Farley (May 22)
- Re: Nmap Attack Scripting Language (NASL) Paul Rigor (May 22)
- Re: Nmap Attack Scripting Language (NASL) Fyodor (May 23)
- Re: Nmap Attack Scripting Language (NASL) Paul Rigor (May 22)
- RE: Nmap Attack Scripting Language (NASL) Arun Vishwanathan (May 22)
- RE: Nmap Attack Scripting Language (NASL) Arun Vishwanathan (May 22)
- RE: Nmap Attack Scripting Language (NASL) Arun Vishwanathan (May 22)
- RE: Nmap Attack Scripting Language (NASL) Arun Vishwanathan (May 23)
- Re: Nmap Attack Scripting Language (NASL) Diman Todorov (May 23)