Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add --no-shutdown option. #151

Closed
wants to merge 1 commit into from
Closed

Conversation

adsr
Copy link

@adsr adsr commented Jun 4, 2015

This option solves issue #142. It prevents Ncat from putting the connection in
half-duplex mode after seeing EOF on stdin. This emulates the behavior of
OpenBSD-netcat's -d option. The -d option itself prevents a bug affecting
some versions of that program in which the sender closes the connection
prematurely upon receiving a FIN packet from a receiver.

If you'll merge this, please advise on how to regenerate docs and manpages.

This option solves issue nmap#142. It prevents Ncat from putting the connection in
half-duplex mode after seeing EOF on stdin. This emulates the behavior of
OpenBSD-netcat's `-d` option. The `-d` option itself prevents a bug affecting
some versions of that program in which the sender closes the connection
prematurely upon receiving a FIN packet from a receiver.
@adsr
Copy link
Author

adsr commented Jun 12, 2015

@dmiller-nmap @bonsaiviking Gentle bump on this. Any feedback?

@dmiller-nmap
Copy link

@d33tah would you and @andrewfarabee be willing to analyze this PR in light of #142?

@jraber
Copy link

jraber commented Jun 18, 2015

I experienced the behavior described in issue #142 in Fedora 22, using ncat 6.47, while making a systemd service that uses ncat in listen mode.

My .service file calls ncat like the below:

ExecStart = /usr/bin/bash -c "/usr/bin/ncat --recv-only -v -i 4h --allow x.x.x.x -o /var/log/somelogfile.log --append-output y.y.y.y 1234

The above command works just fine when I execute it from the command line. I was able to connect to the listening port using telnet, send data, the data is saved in the specified file, and ncat terminated when I closed the connection.

However, when started via the systemd service, it behaves differently. ncat started ok. I was able to see the process was listening for a connection on the specified port. But, when I connected to the listening port, I was immediately disconnected (telnet said 'connection closed by foreign host'), and ncat terminated with return code 0.

Using strace, I was able to see that ncat was reading 1 byte from stdin when I connected to the listening port. (By default, stdin for systemd services is connected to /dev/null). ncat then immediately shuts down the port and, since I didn't start it with --keep-open, ncat terminates.

If I include the option '--keep-open' when starting the service, the first connection attempt is immediately disconnected but all subsequent connections are successful.

I would really like to see the --no-shutdown option included. Also, it might be a good idea to include a note about this behavior in the man page under the --listen option.

@d33tah
Copy link

d33tah commented Jun 30, 2015

@andrewfarabee - adsr asked me on IRC if we have plans to take up this ticket. For now we agreed that we'll work on socks4a, is that right?

@andrewfarabee
Copy link

Yeah, that's right, sorry I missed that.

On Tue, Jun 30, 2015 at 1:08 PM, Jacek Wielemborek <notifications@github.com

wrote:

@andrewfarabee https://github.com/andrewfarabee - adsr asked me on IRC
if we have plans to take up this ticket. For now we agreed that we'll work
on socks4a, is that right?


Reply to this email directly or view it on GitHub
#151 (comment).

@nmap-bot nmap-bot closed this in 1b4c4a9 Nov 10, 2015
qha pushed a commit to qha/nmap that referenced this pull request Dec 16, 2015
@cskeeters
Copy link

I'm using a version of ncat that doesn't support the --no-shutdown option. Instead of closing stdin I used "--recv-only" and "< /dev/zero" to prevent EOF from shutting ncat down. The zero byte read from stdin doesn't seem to be used for anything.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

6 participants