Update netutil.cc

WIP for nmap#34. This avoids false packet drops caused by libpcap buffering packets before returning them, making Nmap think that there is no response within its expected round trip timeout, leading to additional probes sent as retries. When the buffered packets then are returned, Nmap assumes that there were packet drops, due to getting responses "after" its retry probes, but not from the first probe (in reality, no packets were lost). This is based on code seen in here: nmap#34 (comment) It's just a quick patch to show the change. It doesn't implement error checking on pcap_activate, and doesn't check to see if pcap_set_immediate_mode is supported in the case of OS-provided libpcap.
djcater · Aug 2, 2018 · 559f52f · 559f52f
1 parent 087b445
commit 559f52f
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/libnetutil/netutil.cc b/libnetutil/netutil.cc
@@ -4110,17 +4110,23 @@ pcap_t *my_pcap_open_live(const char *device, int snaplen, int promisc, int to_m
  Strncpy(pcapdev, device, sizeof(pcapdev));
 #endif
  do {
- pt = pcap_open_live(pcapdev, snaplen, promisc, to_ms, err0r);
+ pt = pcap_create(pcapdev, err0r);
  if (!pt) {
  failed++;
  if (failed >= 3) {
  return NULL;
  } else {
- netutil_error("pcap_open_live(%s, %d, %d, %d) FAILED. Reported error: %s. Will wait %d seconds then retry.", pcapdev, snaplen, promisc, to_ms, err0r, compute_sleep_time(failed));
+ netutil_error("pcap_create(%s) FAILED. Reported error: %s. Will wait %d seconds then retry.", pcapdev, err0r, compute_sleep_time(failed));
  }
  sleep( compute_sleep_time(failed) );
  }
  } while (!pt);
+
+ pcap_set_snaplen(pt, snaplen);
+ pcap_set_promisc(pt, promisc);
+ pcap_set_timeout(pt, to_ms); // Ignored in immediate mode
+ pcap_set_immediate_mode(pt, 1);
+ pcap_activate(pt);
 
 #ifdef WIN32
  if (wait == WAIT_ABANDONED || wait == WAIT_OBJECT_0) {