Nmap Development mailing list archives
Re: IPv6 ranges
From: Xu Weilin <mzweilin () gmail com>
Date: Thu, 23 Jun 2011 09:46:37 +0800
Yes, it's reasonable to implement IPv6 ranges first. I forgot that we hadn't implement the basic parsing of IPv6 CIDR before. Now I should spend some time on learning NSE script. On Thu, Jun 23, 2011 at 8:16 AM, David Fifield <david () bamsoftware com>wrote:
Weilin, I think that we must implement IPv6 ranges before doing multicast host discovery. The reason for this is that I think it only makes sense to use multicast when dealing with a whole network. Currently Nmap's model is to parse the command-line host specifications, return one host at a time (see TargetGroup::get_next_host), and then feed those (4096 at a time) into ping scan. We need to change that, so that we can feed an entire block like fe80::/64 into ping scan when appropriate, without enumerating 2^64 addresses. Colin has done the first steps towards this model. Please see the code in nbase/nbase_addrset.c. This code can store IPv4 ranges and IPv6 networks with netmasks, without using very much space. We already use this new code for Nmap's --exclude option. The addrset code does not yet support iteration over members. We need to make it do that, but it must be capable of returning entire blocks when asked. For example, given the address specifications ::1 fe80::/64 1:2:3::4:5:6 scanmev6.nmap.org/112 the iteration would return the single host ::1, the network fe80::/64, the single host 1:2:3::4:5:6, and the network 2600:3c01::f03c:91ff:fe93:cd19/112. The next higher level would see: * ::1 as a localhost address (and not ping it), * fe80::/64 as a local network (and do multicast ping on it), * 1:2:3::4:5:6 as a single IP address (and do unicast ping on it), and * 2600:3c01::f03c:91ff:fe93:cd19/112 as a remote network (which it would then further iterate into 256 unicast hosts). I want to suggest that you first implement these multicast host discovery probes in an NSE script. It would look like this: nmap -6 --script=ipv6-multicast --script-args=newtargets The ipv6-multicast.nse script would send all the multicast probes we know of, and wait for replies. It would then add them to the Nmap scanning queue with the target.add function: http://nmap.org/nsedoc/lib/target.html#add This way we can make progress on multicast discovery without needing all the details of figuring out when to do multicast versus unicast. Who knows, maybe NSE is the best way to implement this anyway. David Fifield
-- Regards Xu Weilin 许伟林 _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- IPv6 ranges David Fifield (Jun 22)
- Re: IPv6 ranges Xu Weilin (Jun 22)