Nmap NSE net: path-mtu

###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_nmap_path_mtu_net.nasl 5505 2017-03-07 10:00:18Z teissa $
#
# Autogenerated NSE wrapper
#
# Authors:
# NSE-Script: Kris Katterjohn
# NASL-Wrapper: autogenerated
#
# Copyright:
# NSE-Script: The Nmap Security Scanner (http://nmap.org)
# Copyright (C) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_summary = "Performs simple Path MTU Discovery to target hosts.

TCP or UDP packets are sent to the host with the DF (don't fragment) bit set and with varying
amounts of data.  If an ICMP Fragmentation Needed is received, or no reply is received after
retransmissions, the amount of data is lowered and another packet is sent.  This continues until
(assuming no errors occur) a reply from the final host is received, indicating the packet reached
the host without being fragmented.

Not all MTUs are attempted so as to not expend too much time or network resources.  Currently the
relatively short list of MTUs to try contains the plateau values from Table 7-1 in RFC 1191, 'Path
MTU Discovery'. Using these values significantly cuts down the MTU search space.  On top of that,
this list is rarely traversed in whole because:     * the MTU of the outgoing interface is used as a
starting point, and     * we can jump down the list when an intermediate router sending a
'can't fragment' message includes its next hop MTU (as described       in RFC 1191 and required by
RFC 1812)";

if(description)
{
    script_id(104010);
    script_version("$Revision: 5505 $");
    script_tag(name:"last_modification", value:"$Date: 2017-03-07 11:00:18 +0100 (Tue, 07 Mar 2017) $");
    script_tag(name:"creation_date", value:"2011-06-01 16:32:46 +0200 (Wed, 01 Jun 2011)");
    script_tag(name:"cvss_base", value:"0.0");
    script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:N");
    script_name("Nmap NSE net: path-mtu");


    script_category(ACT_INIT);
    script_tag(name:"qod_type", value:"remote_analysis");
    script_copyright("NSE-Script: The Nmap Security Scanner; NASL-Wrapper: Greenbone Networks GmbH");
    script_family("Nmap NSE net");
    script_dependencies("nmap_nse_net.nasl");
    script_mandatory_keys("Tools/Launch/nmap_nse_net");


    script_tag(name : "summary" , value : tag_summary);
    exit(0);
}


include("nmap.inc");


phase = 0;
if (defined_func("scan_phase")) {
    phase = scan_phase();
}

if (phase == 1) {
    # Get the preferences
    argv = make_array();


    nmap_nse_register(script:"path-mtu", args:argv);
} else if (phase == 2) {
    res = nmap_nse_get_results(script:"path-mtu");
    foreach portspec (keys(res)) {
        output_banner = 'Result found by Nmap Security Scanner (path-mtu.nse) http://nmap.org:\n\n';
        if (portspec == "0") {
            log_message(data:output_banner + res[portspec], port:0);
        } else {
            v = split(portspec, sep:"/", keep:0);
            proto = v[0];
            port = v[1];
            log_message(data:output_banner + res[portspec], port:port, protocol:proto);
        }
    }
}