Nmap Development mailing list archives
Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow.
From: doug () hcsw org
Date: Fri, 8 Aug 2008 13:42:52 -0700
On Fri, Aug 08, 2008 at 04:35:28AM +0000 or thereabouts, jayrhine () comcast net wrote:
This sounds like a pcap buffering issue. Do your versions of solaris use BPF or DLPI or ...? If BPF, it could be that putting the pcap descriptor into BIOCIMMEDIATE mode would help:I'm not sure. Do you know of an easy way to check? Otherwise, I'll have to look into it ...
The most accurate way to tell which nmap is using is to go into its libpcap directory and ./configure : $ pwd /home/doug/nmap/svn/nmap/libpcap BSD: $ ./configure |grep 'capture type' checking packet capture type... bpf Linux: $ ./configure |grep 'capture type' checking packet capture type... linux The code for each pcap mode is in pcap-X.c for example pcap-bpf.c . Note that linux actually DOES use BPF but still has its own pcap-linux.c file and DOES NOT benefit from BIOCIMMEDIATE because of kernel-level implementation differences. I noticed your next message about it not having an effect. Still, it sounds exactly like the BIOCIMMEDIATE issue I have observed on BSD (and hope to fix soonish). Do you have time to get your hands a little dirty? ;) Solaris/DLPI has a similar ioctl API: http://article.gmane.org/gmane.network.tcpdump.devel/2186 When you get a chance could you put this code snippet where my OpenBSD patch went in tcpip.cc? It's an *untested* modification of the code from the above message: #if __sun__ /* * Under Solaris, select() keeps waiting until the next packet, * because it is buffered, so we have to set timeout and * chunk size to zero */ { int size_zero = 0; struct timeval time_zero = {0, 0}; int temp_fd = pcap_get_selectable_fd(pt); if (ioctl(temp_fd, SBIOCSCHUNK, &size_zero) < 0) fatal("ioctl() with SBIOCSCHUNK returned an error (%d): %s", errno, strerror(errno) ); if (ioctl(temp_fd, SBIOCSTIME, &time_zero) < 0) fatal("ioctl() with SBIOCSTIME returned an error (%d): %s", errno, strerror(errno) ); } #endif Some header files might need to be #included too.. Possibly one or more of these: #include <sys/ioctl.h> #include <sys/stream.h> #include <sys/dlpi.h> #include <sys/bufmod.h> For now just add em at the top of tcpip.cc. If this works, it would be nice to know which one defines SBIOCSCHUNK and SBIOCSTIME. Thanks, Doug
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 07)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. David Fifield (Aug 07)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. doug (Aug 07)
- <Possible follow-ups>
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 07)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 07)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. doug (Aug 08)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 08)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 10)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 11)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 11)
- Re: Nmap on Solaris 9 and Solaris 10 not working right? Going way too slow. jayrhine (Aug 11)