Nmap Development mailing list archives
Re: Nmap Exclude and Addrset
From: Daniel Miller <bonsaiviking () gmail com>
Date: Sat, 18 Jun 2011 09:48:47 -0500
Confirmed, I get the same linker error. Even though ncat is pure C, libnetutil is C++. Dan On Sat, Jun 18, 2011 at 8:23 AM, Shinnok <admin () shinnok com> wrote:
Hi Colin, Ncat make seems to be broken after this commit: gcc -o ncat -g -O2 -Wall -L../libpcap ncat_main.o ncat_connect.o ncat_core.o ncat_posix.o ncat_listen.o ncat_proxy.o ncat_broker.o ncat_ssl.o base64.o http.o util.o sys_wrap.o http_digest.o ../nsock/src/libnsock.a ../nbase/libnbase.a -lssl -lcrypto -lpcap -lssl -lcrypto -ldl ../libnetutil/libnetutil.a ../libdnet-stripped/src/.libs/libdnet.a ../libnetutil/libnetutil.a(addrset.o):(.eh_frame+0x12): undefined reference to `__gxx_personality_v0' ../libnetutil/libnetutil.a(netutil.o):(.eh_frame+0x12): undefined reference to `__gxx_personality_v0' collect2: ld returned 1 exit status Adding -lstdc++ to the gcc line fixed it for me, however, I doubt that this is the right solution, since Ncat is supposed to be pure C and linking against the standard c++ library would be bad. Here's what nm has to say about it: -- $nm ../libnetutil/libnetutil.a | grep -i -B4 personality 00000420 b _ZZL6STRAPPPKczE3buf U __assert_fail U __errno_location U __fprintf_chk U __gxx_personality_v0 -- addrset.o: U _IO_getc U _Z13netutil_errorPKcz U __errno_location U __gxx_personality_v0 --- U means undefined. Regards, Shinnok On 06/17/2011 11:19 PM, Colin L. Rice wrote:Hello, We recently decided to move the address set in ncat_hostmatch.c to libnetutil in order to utilize its address set in Nmap. This has been done. As a consequence IPv6 excludes are now supported and this: nmap -6 --exclude nmap.org/112 nmap.org scanme.nmap.org -d goes from : Starting Nmap 5.52.IPv6.Beta2 ( http://nmap.org ) at 2011-06-17 15:12 CDT PORTS: Using top 1000 ports found open (TCP:1000, UDP:0, SCTP:0) --------------- Timing report --------------- hostgroups: min 1, max 100000 rtt-timeouts: init 1000, min 100, max 10000 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000 parallelism: min 0, max 0 max-retries: 10, host-timeout: 0 min-rate: 0, max-rate: 0 --------------------------------------------- Invalid host expression: nmap.org/112 -- slash not allowed. IPv6 addresses can currently only be specified individually QUITTING! To: Starting Nmap 5.52.IPv6.Beta2 ( http://nmap.org ) at 2011-06-17 15:14 CDT PORTS: Using top 1000 ports found open (TCP:1000, UDP:0, SCTP:0) --------------- Timing report --------------- hostgroups: min 1, max 100000 rtt-timeouts: init 1000, min 100, max 10000 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000 parallelism: min 0, max 0 max-retries: 10, host-timeout: 0 min-rate: 0, max-rate: 0 --------------------------------------------- Initiating Ping Scan at 15:14 Scanning scanme.nmap.org (2600:3c01::f03c:91ff:fe93:cd19) [2 ports] Completed Ping Scan at 15:14, 0.00s elapsed (1 total hosts) Overall sending rates: 3853.56 packets / s. Initiating System DNS resolution of 1 host. at 15:14 Completed System DNS resolution of 1 host. at 15:14, 0.00s elapsed Nmap scan report for scanme.nmap.org (2600:3c01::f03c:91ff:fe93:cd19) [host down, received net-unreach] Read from /usr/local/bin/../share/nmap: nmap-payloads nmap-services. Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in 0.06 seconds On a technical note there is another file in libnetutil addrset.c. An addrset is a c linked list which holds a union of bitvectors and ipv6 addresses/masks. It works quite well in filtering out allowed versus disallowed structures. Some of its functions are slightly changed from the ncat_hostmatch in order to pass options in the functions and not use o.blah which differs between programs. Everything has been updated including the tests in ncat/test. There should be no difference in ncats behavior. If you notice one give me a yell. Cheers, -Colin _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Nmap Exclude and Addrset Colin L. Rice (Jun 17)
- Re: Nmap Exclude and Addrset Shinnok (Jun 18)
- Re: Nmap Exclude and Addrset Daniel Miller (Jun 18)
- Re: Nmap Exclude and Addrset Colin L. Rice (Jun 18)
- Re: Nmap Exclude and Addrset David Fifield (Jun 18)
- Re: Nmap Exclude and Addrset Daniel Miller (Jun 18)
- Re: Nmap Exclude and Addrset Shinnok (Jun 18)