nmap-parser 0.3.2 → 0.3.5

data/BUGS

@@ -1,4 +1,5 @@
-If you find any bugs, please report them to me:
+$Id: BUGS 196 2009-06-26 01:50:27Z kjak $
 
-	Kris Katterjohn <katterjohn[at]gmail.com>
+If you find any bugs, please report them (or even better: send a patch!) to me,
+Kris Katterjohn, at katterjohn(a)gmail.com
 

data/ChangeLog.rdoc

@@ -0,0 +1,249 @@
+= Ruby Nmap::Parser ChangeLog
+
+$Id: ChangeLog.rdoc 219 2010-06-02 03:46:41Z kjak $
+
+=== 0.3.5 (Jun 1 2010)
+
+* Nmap::Parser.new() now no longer accepts a string to parse, but rather a hash
+  of options (more on this below).  new() of course returns a new Parser object,
+  but now after you have the object you call instance parsing methods such as
+  parsescan() or parsefile() to do the work.  All of the class methods which
+  previously existed are still available; they're just wrappers around new()
+  and the instance methods now.
+
+* Switched from parsing the XML using the tree-style approach to using a stream
+  approach.  It was kind of a pain in the ass setting up the "listener" class
+  and associated helper structures since I've never done it before, but it
+  was all well worth it to help speed things up.  I'm still using REXML instead
+  of something I've heard to be much faster (e.g. libxml) because I think a
+  big determining factor on what to use is its availability.  REXML has come in
+  Ruby's standard library since 1.8.
+
+* You can now parse using callbacks.  Tell Parser what method or proc you want
+  to use like this:
+	Nmap::Parser.new(:callback => mymeth)
+  Now as soon as a new Host object is created (which happens a lot faster now
+  thanks to the stream-style XML parsing), it will be passed to your callback
+  much like this:
+  	mymeth.call(newhostobj)
+  The callback is run in a new thread.
+
+* Added support for the SCTP scanning capabilities Nmap newly acquired.
+
+* Added getport(), getports() and getportlist() methods to ::Host.  The first
+  argument can be symbol specifying the desired protocol to use (:tcp, :udp,
+  :sctp or :ip), and the rest is the same as the corresponding method, e.g.
+	getports(:tcp, 'open')
+  is the same as
+	tcp_ports('open')
+
+  getports() also supports an :any type to give matching ports from all
+  protocols.  I want to thank Tom Sellers (nmap(a)fadedcode.net) for discussing
+  this latter aspect with me as he had the general idea for this functionality
+  but just a different design in mind.
+
+  The first argument can also be an array of symbols specifying the protocols
+  to use, such as [:tcp, :udp].
+
+* Added numhosts() to ::Session, which currently returns the number of up, down
+  or total hosts scanned.  This can be very different from calling things like
+  hosts.size or get_ips.size in Parser because Nmap usually won't list all of
+  the individual hosts that it doesn't know or assume to be up (unless, for
+  example, you're doing a ping or list scan).
+
+* Added a + operator to Nmap::Parser to return a new Parser object containing
+  hosts from both operands (but no duplicates from the second, as determined by
+  host.addr info).  rawxml and session are both nil in the new object.  The new
+  combination? method is provided to return a boolean value depending on whether
+  or not the current object is just a combination of others.
+
+* Added exit and errormsg to ::Session for the new XML attributes.  The former
+  specifies if Nmap exited successfully ("success") or in error ("error"), and
+  if applicable, in the latter provides the error message.
+
+* Added version constants to Parser:
+	Major - Major version number (currently 0)
+	Minor - Minor version number (currently 3)
+	Teeny - Teeny version number (currently 5)
+	Stage - Development stage ("release" or "dev", currently the former)
+	Version - Pre-built string in the form Major.Minor.Teeny
+
+* Fixed some methods in ::OS which could have lead to an exception if given
+  an invalid index.
+
+* Fixed get_ips() in ::Parser which was broken and would end up generating
+  an ArgumentError.
+
+* Have scan_time in ::Session take on (stop_time-start_time).to_f (which was
+  its original value) if the "elapsed" XML attribute isn't available.  I added
+  this attribute to Nmap, but I was totally absent-minded here and completely
+  neglected earlier versions.  Thanks to Dustin Webber (dustinw(a)aos5.com)
+  for the report of 0.0 results.
+
+* Fixed the tcpsequence_index Host attribute so that it's an integer instead
+  of a string (from the XML parsing).
+
+* Added proto to ::Port to hold the port protocol (e.g. "tcp").  This is one
+  of those simple things that just should've been in from the start.  Thanks
+  to Tom Sellers (nmap(a)fadedcode.net) for the patch.
+
+* Fixed the regex which looks for output options (-o*) in parsescan(); it was
+  matching things like the script name smb-os-discovery.  Thanks to Russell
+  Fulton (r.fulton(a)auckland.ac.nz) for the report and fix.
+
+* Instead of being quite so anal, the Parser now accepts XML not only as a
+  String but also as anything responding to to_str().
+
+* Use /usr/bin/env in the shebang (#!) lines of the example scripts for some
+  improved portability.  Thanks to Daniel Roethlisberger (daniel(a)roe.ch) for
+  noticing the problem and taking care of this.
+
+* The mysterious and totally inconspicuously named :blinken key can also be
+  used in the new() option hash. :)
+ 
+* Made a lot of internal implementation improvements, including (but most
+  definitely not limited to!) doing some metaprogramming.
+
+* Added some unit tests, starting with test/test.ts.rb.  The tests performed
+  now are messy and incomplete so far, but I originally wrote them nearly a
+  year ago and I think that it's better than nothing.  I hope to eventually
+  have unit tests covering every aspect of the parser, even all of the little
+  tedious things I was too lazy to write tests for before.  Any help writing
+  tests would be much appreciated! :)
+
+* Made many documentation improvements.
+
+* Renamed this ChangeLog to ChangeLog.rdoc and formatted it RDoc-style.
+
+=== 0.3.2 (Feb 8 2009)
+
+* Fixed a state matching bug in methods like tcp_ports() in which a specified
+  state would sometimes match an unrelated one.  Now these methods properly
+  match all states exactly as well as combinations like "open|filtered" as
+  they should.  (This bug didn't affect matching "open" ports).
+
+* Added parsestring() to parse a string of XML data.  This is currently just
+  an alias for new()
+
+* Added an examples directory to hold some (currently simple) scripts
+
+* Added <=> method to ExtraPorts which compares port counts
+
+* Added <=> method to Traceroute::Hop which compares TTLs
+
+* Updated scan_time in ::Session to use the new "elapsed" attribute (which
+  can give a floating point value)
+
+* Improved exception messages raised by the library
+
+* Many doc and general code improvements
+
+=== 0.3.1 (Jan 1 2009)
+
+* Enhanced port specification parsing code
+
+* Added the newer starttime and endtime host attributes (individual host
+  scan times) to ::Host
+
+* Added the newer scanflags scaninfo attribute as scanflags() in ::Session
+  for printing the scanflags associated with the specified scan type (e.g.
+  "PSHACK" for scan type "ack")
+
+* Various implementation reworkings
+
+* Many documentation updates
+
+=== 0.3 (Apr 24 2008)
+
+* Moved the library (and changed the filename) from nmapparser to
+  nmap/parser, so any existing scripts need to be updated
+
+* Added nmap-parser.gemspec as a gem will be available from now on
+
+* Added parseread() for reading and parsing XML from any object that
+  responds to a read() method that returns a String
+
+* Added tcp_port(), udp_port() and ip_proto() to ::Host for requesting a
+  Port object for a single port
+
+* Added tcp_script(), udp_script() and script() to ::Host for requesting
+  a single Script object
+
+* Added script() and script_output() to ::Port for requesting either the
+  Script object or output for the specified script
+
+* Added hop() to ::Traceroute for requesting the Hop object for the host
+  at the specified hop (TTL)
+
+* Nmap::Parser.[get_]host() and Nmap::Parser.del[ete]_host() now operate
+  on an IP address or hostname
+
+* Methods and class members which are naturally numeric (port numbers,
+  TTL counts, RTT, etc.) are now returned as such.  Before they were
+  being returned as strings from the XML parsing.
+
+* Nmap::Parser.new() now yields the new object to a block if one is
+  given.  This was supposed to be implemented before, but wasn't.
+
+* ::Port, ::OS::OSClass and ::OS::OSMatch now all have a <=> operator
+  for sorting
+
+* Nmap::Parser now has a == operator defined which compares the rawxml
+  members
+
+* All previously available arrays have been turned into methods which,
+  besides just returning the array, yields each element to a block if
+  one is given.  Most arrays were set up this way already, but this
+  will be the "standard" way arrays are presented now.  Any existing
+  code will still work without change because Ruby is awesome like that.
+
+* Methods which take an array index or hash key have been updated to use
+  conversion methods (e.g. to_i and to_s) to allow for (depending on the
+  circumstance) more correct and straightforward use
+
+* Updated parsescan() to better check for Nmap output options (-o*)
+  being passed to it, and to use Open3.popen3() instead of IO.popen()
+  for running Nmap.  If Open3 fails to load, however, popen() is used.
+
+* Added the following aliases: ::Host hostnames -> all_hostnames, ::OS
+  names -> all_names, and ::Hop ipaddr -> addr
+
+* Fixed the ::OS tcpport_open, tcpport_closed, and udpport_closed methods
+
+* Fixed the ::Session stop_str and stop_time
+
+* Added a *lot* of comments, mainly for better RDoc documentation
+
+* Removed the addrtype member from ::Host as it wasn't useful and often
+  wrong
+
+* Removed min_parallelism and max_parallelism from ::Session as I seem
+  to have.. uh.. imagined they existed :)
+
+=== 0.2.1 (Jan 4 2008)
+
+* Fixed a bug that spawned from an assumption I made.  The parsing
+  would fail if OS detection was performed but the scan wasn't run
+  with -v or -d.  The OS fingerprint is printed in the XML output
+  if either of these are used.  I virtually always run with -d, so
+  the fingerprint was always there for me, and I just assumed that
+  the fingerprint is *always* printed.  parsescan() always sets -d,
+  so it isn't affected.
+
+=== 0.2 (Jan 3 2008)
+
+* Fixed a bug (typo) with the read accessor for the MAC address
+  information in ::Host (mac_addr and mac_vendor).  Thanks to
+  Stefan Friedli (stfr(a)scip.ch) for the report and patch.
+
+* Added extraports information via ::Host::ExtraPorts class
+
+* Added devicetype, ostype and the RPC lowver and highver to
+  ::Host::Port::Service
+
+* Updated and reworded docs
+
+=== 0.1 (Dec 11 2007)
+
+* Initial Release
+

data/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2007-2009 Kris Katterjohn
+Copyright (c) 2007-2010 Kris Katterjohn
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README

@@ -1,41 +1,45 @@
-===============================================================================
-== Ruby Nmap::Parser                         http://rubynmap.sourceforge.net ==
-== Kris Katterjohn                                      katterjohn@gmail.com ==
-===============================================================================
+-------------------------------------------------------------------------------
+-- Ruby Nmap::Parser                         http://rubynmap.sourceforge.net --
+-- Kris Katterjohn                                      katterjohn@gmail.com --
+-------------------------------------------------------------------------------
 
-$Id: README 126 2009-02-08 15:32:04Z kjak $
+$Id: README 208 2010-06-01 17:59:08Z kjak $
 
 
 OVERVIEW
-========
+--------
 
-This library provides a Ruby interface to Nmap's scan data.  It can run Nmap
-and parse its XML output directly from the scan, parse a file containing the
-XML data from a separate scan, parse a String of XML data from a scan, or parse
-XML data from an object via its read() method.  This information is presented
-in an easy-to-use and intuitive fashion for storage and manipulation.
+This library provides a Ruby interface to the Nmap Security Scanner and its
+XML formatted scan data.  It can run Nmap and parse its XML output directly
+from the scan, parse a file or string of XML scan data, or parse XML scan
+data from an object via its read() method.  This information is presented in
+an easy-to-use and intuitive fashion for further storage and manipulation.
 
-Keep in mind that this is not just some Ruby port of Anthony Persaud's Perl
-Nmap::Parser!  There are more classes, many different methods, and blocks are
-extensively available.
+Note that while Anthony Persaud's Perl Nmap::Parser was certainly an
+inspiration when designing this library, there are a number of distinguishing
+characteristics.  Very briefly, this library contains more classes, many more
+methods, and has blocks extensively available.
 
 
 REQUIREMENTS and RECOMMENDATIONS
-================================
+--------------------------------
 
 Things Required:
 
-- Nmap (http://nmap.org) [Only required for parsescan()]
+* Nmap Security Scanner (http://nmap.org) [Only required for parsescan()]
+
+* REXML Ruby Library [In standard library with Ruby >= 1.8]
 
-- REXML Ruby Library [In standard library with Ruby >= 1.8]
 
 Things Recommended:
 
-- Open3 Ruby Library [In standard library]
+* Ruby version >= 1.9.1, which is far faster than the 1.8 versions
+
+* Open3 Ruby Library [In standard library; for parsescan()]
 
 
 HELP
-====
+----
 
 The website has detailed RDoc documentation available.  You can create a quick
 set of these docs yourself by issuing the following command from the base

data/TODO

@@ -0,0 +1,4 @@
+$Id: TODO 216 2010-06-02 02:32:21Z kjak $
+
+* Continue writing unit tests
+

data/examples/listopentcp.rb

@@ -1,4 +1,4 @@
-#!/usr/bin/ruby
+#!/usr/bin/env ruby
 #
 # Very simple script to print out the open TCP ports for each host
 #
@@ -6,13 +6,13 @@
 
 require 'nmap/parser'
 
-p = Nmap::Parser.parsescan("nmap", "192.168.11.0/24")
+p = Nmap::Parser.parsescan("nmap", "-T4 192.168.10.0/24")
 
 p.hosts("up") do |host|
 	puts "#{host.addr}:"
 
 	host.tcp_ports("open") do |port|
-		puts "Got #{port.num}/tcp"
+		puts "Got #{port.num}/#{port.proto}"
 	end
 
 	puts

data/examples/services.rb

@@ -1,29 +1,28 @@
-#!/usr/bin/ruby
+#!/usr/bin/env ruby
 #
-# A really simplistic script which prints out service information for the
-# open TCP and UDP ports found by scanning a host
+# A simple script which prints out service information for the open TCP and
+# UDP ports found by scanning a host
 #
-# Kris Katterjohn 01/27/2009
+# Kris Katterjohn 02/16/2009
 
 require 'nmap/parser'
 
-def printport(port, proto)
-	srv = port.service
-
-	puts
-	puts "Port ##{port.num}/#{proto} is open (#{port.reason})"
-	puts "\tService: #{srv.name}" if srv.name
-	puts "\tProduct: #{srv.product}" if srv.product
-	puts "\tVersion: #{srv.version}" if srv.version
-	puts
-end
-
-p = Nmap::Parser.parsescan("sudo nmap", "-sSUV 192.168.11.1")
+p = Nmap::Parser.parsescan("sudo nmap", "-T4 -sSUV 192.168.10.0/24")
 
 p.hosts("up") do |host|
 	puts "#{host.addr}:"
-	host.tcp_ports("open") { |port| printport(port, "tcp") }
-	host.udp_ports("open") { |port| printport(port, "udp") }
+
+	[:tcp, :udp].each do |type|
+		host.getports(type, "open") do |port|
+			srv = port.service
+			puts "Port ##{port.num}/#{port.proto} is open (#{port.reason})"
+			puts "\tService: #{srv.name}" if srv.name
+			puts "\tProduct: #{srv.product}" if srv.product
+			puts "\tVersion: #{srv.version}" if srv.version
+			puts
+		end
+	end
+
 	puts
 end
 

data/lib/nmap/parser.rb

@@ -1,10 +1,18 @@
-# Ruby library for parsing Nmap's XML output
+# = nmap/parser.rb: Nmap::Parser
+#
+# Ruby interface to the Nmap Security Scanner and its XML formatted scan data
+#
+# = Homepage
 #
 # http://rubynmap.sourceforge.net
 #
-# Author: Kris Katterjohn <katterjohn@gmail.com>
+# = Author
+#
+# Kris Katterjohn (katterjohn@gmail.com)
 #
-# Copyright (c) 2007-2009 Kris Katterjohn
+# = License
+#
+# Copyright (c) 2007-2010 Kris Katterjohn
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to deal
@@ -24,37 +32,56 @@
 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 # THE SOFTWARE.
 
-# $Id: parser.rb 129 2009-02-08 17:14:39Z kjak $
-# https://rubynmap.svn.sourceforge.net/svnroot/rubynmap
+# $Id: parser.rb 220 2010-06-02 03:51:54Z kjak $
+# https://rubynmap.svn.sourceforge.net/svnroot/rubynmap/trunk
+
+# :main: Nmap::Parser
+# :title: Ruby Nmap::Parser
 
 require 'rexml/document'
 
 begin
 	require 'open3'
 rescue LoadError
-	# We'll just use IO.popen()
 end
 
-# Just holds the big Parser class.
+# :stopdoc:
+begin
+	require 'rubygems'
+	require 'blinkenlights'
+rescue LoadError
+end
+# :startdoc:
+
+# Provides a namespace for everything this library creates
 module Nmap
+	# :stopdoc:
+
+	# Holds all of the classes for the stream-style XML parsing (the
+	# listener class and my helper structure classes)
+	module XmlParsing
+	end
+
+	# :startdoc:
 end
 
 =begin rdoc
 
 == What Is This Library For?
 
-This library provides a Ruby interface to Nmap's scan data.  It can run Nmap
-and parse its XML output directly from the scan, parse a file containing the
-XML data from a separate scan, parse a String of XML data from a scan, or parse
-XML data from an object via its read() method.  This information is presented
-in an easy-to-use and intuitive fashion for storage and manipulation.
+This library provides a Ruby interface to the Nmap Security Scanner and its
+XML formatted scan data.  It can run Nmap and parse its XML output directly
+from the scan, parse a file or string of XML scan data, or parse XML scan
+data from an object via its read() method.  This information is presented in
+an easy-to-use and intuitive fashion for further storage and manipulation.
 
-Keep in mind that this is not just some Ruby port of Anthony Persaud's Perl
-Nmap::Parser!  There are more classes, many different methods, and blocks are
-extensively available.
+Note that while Anthony Persaud's Perl Nmap::Parser was certainly an
+inspiration when designing this library, there are a number of distinguishing
+characteristics.  Very briefly, this library contains more classes, many more
+methods, and has blocks extensively available.
 
-The Nmap Security Scanner is an awesome program written and maintained by
-Fyodor <fyodor@insecure.org>.  Its main function is port scanning, but it also
+The Nmap Security Scanner is an awesome utility written and maintained by
+Fyodor (fyodor(a)insecure.org).  Its main function is port scanning, but it also
 has service and operating system detection, its own scripting engine and a
 whole lot more.  One of its many available output formats is XML, which allows
 machines to handle all of the information instead of us slowly sifting through
@@ -64,10 +91,10 @@ tons of output.
 
 Depending on the data type, unavailable information is presented differently:
 
-  - Arrays are empty
-  - Non-arrays are nil, unless it's a method that returns the size of one of
-    the previously mentioned empty arrays.  In this case they still return the
-    size (which would be 0).
+* Arrays are empty
+* Non-arrays are nil, unless it's a method that returns the size of one of
+  the previously mentioned empty arrays.  In this case they still return the
+  size (which would be 0).
 
 All information available as arrays are presented via methods.  These methods
 not only return the array, but they also yield each element to a block if one
@@ -101,29 +128,49 @@ is given.
       |
       + OSMatch       <- OS Match information
 
-== Parsing XML Data Already Available
+== Examples
+
+There are two ways to go about getting a new Parser object and actually parsing
+Nmap's XML output:
+
+* Call one of the Nmap::Parser class methods to parse the XML and return a new
+  Parser object all in one step.
+
+* Call Nmap::Parser.new to get a new object and then call one of the instance
+  parsing methods (e.g. parsefile()).  The main reason to go this route is that
+  new() takes a hash of options; for example, this is how the callback feature
+  is implemented.
+
+=== Parsing XML Data Already Available as a String
+
+This method is not limited to only String objects, but rather any object which
+responsds to to_str().
 
 	require 'nmap/parser'
 
-	parser = Nmap::Parser.parsestring(xml) # String of XML
-	parser = Nmap::Parser.new(xml) # Same thing
+	parser = Nmap::Parser.new
+	parser.parsestring(xml)
 
-== Reading and Parsing from a File
+or
+
+	parser = Nmap::Parser.parsestring(xml)
+
+=== Reading and Parsing From a File
 
 	require 'nmap/parser'
 
 	parser = Nmap::Parser.parsefile("log.xml")
 
-== Reading and Parsing from an Object
+=== Reading and Parsing From an Object
 
-This method can read from any object that responds to a read() method that
-returns a String.
+This method can read from any object responding to a read() method that
+returns a String (or something else responding to to_str())
 
 	require 'nmap/parser'
 
 	parser = Nmap::Parser.parseread($stdin)
 
-== Scanning and Parsing
+=== Scanning and Parsing
 
 This is the only Parser method that requires Nmap to be available.
 
@@ -131,12 +178,34 @@ This is the only Parser method that requires Nmap to be available.
 
 	parser = Nmap::Parser.parsescan("sudo nmap", "-sVC 192.168.1.0/24")
 
-== Actually Doing Something
+=== Registering a Callback
+
+To use a callback you create a new Parser object and register a proc or method
+to call each time a new host is parsed, as soon as it's parsed.  The callback
+is then run in a new thread and is passed the newly created Nmap::Parser::Host
+object.
+
+	require 'nmap/parser'
+
+	callback = proc do |host|
+		return if host.status != "up"
+		puts "Found #{host.addr}"
+	end
+
+	parser = Nmap::Parser.new(:callback => callback)
+	parser.parsefile("nmaplog.xml")
 
-After printing a little session information, this example will cycle
-through all of the up hosts, printing state and service information on
-the open TCP ports.  See the examples directory that comes with this
-library for more examples.
+	# Found 192.168.10.1
+	# Found 192.168.10.2
+	# Found 192.168.10.7
+	# [...]
+
+=== Doing a Bit More
+
+After printing a little session information, this example will cycle through
+all of the up hosts, printing state and service information on the open TCP
+and UDP ports.  See the examples directory that comes with this library for
+more examples.
 
 	puts "Nmap args: #{parser.session.scan_args}"
 	puts "Runtime: #{parser.session.scan_time} seconds"
@@ -146,130 +215,181 @@ library for more examples.
 		puts "#{host.addr} is up:"
 		puts
 
-		host.tcp_ports("open") do |port|
-			srv = port.service
+		[:tcp, :udp].each do |type|
+			host.getports(type, "open") do |port|
+				srv = port.service
 
-			puts "Port ##{port.num}/tcp is open (#{port.reason})"
-			puts "\tService: #{srv.name}" if srv.name
-			puts "\tProduct: #{srv.product}" if srv.product
-			puts "\tVersion: #{srv.version}" if srv.version
-			puts
+				puts "Port ##{port.num}/#{port.proto} is open (#{port.reason})"
+				puts "\tService: #{srv.name}" if srv.name
+				puts "\tProduct: #{srv.product}" if srv.product
+				puts "\tVersion: #{srv.version}" if srv.version
+				puts
+			end
 		end
 
 		puts
 	end
+
+== Credits
+
+Author & Maintainer:
+
+* Kris Katterjohn (katterjohn(a)gmail.com)
+
+Contributors (in chronological order of first contribution):
+
+* Stefan Friedli (stfr(a)scip.ch)
+* Daniel Roethlisberger (daniel(a)roe.ch)
+* Dustin Webber (dustinw(a)aos5.com)
+* Tom Sellers (nmap(a)fadedcode.net)
+* Rory McCune (rorym(a)nmrconsult.net)
+* Russell Fulton (r.fulton(a)auckland.ac.nz)
+
+Thanks a lot for taking the time and helping out, everybody!
+
+For information on what each contributor actually did, please take a look at
+the project's ChangeLog and Subversion logs.
+
 =end
 class Nmap::Parser
-	# Holds the raw XML output from Nmap
+	# Raw XML output from the scan
 	attr_reader :rawxml
-	# Session object for this scan
+	# Session object for the scan
 	attr_reader :session
 
-	# Read and parse XML from the +obj+.  +obj+ can be any object type
-	# that responds to a read() method that returns a String.  IO and
-	# File are just a couple of examples.
+	# Major version number
+	Major = 0
+	# Minor version number
+	Minor = 3
+	# Teeny version number
+	Teeny = 5
+	# Development stage (currently "dev" or "release")
+	Stage = "release"
+	# Pre-built version string
+	Version = "#{Major}.#{Minor}.#{Teeny}"
+
+	# :method: self.parsefile(filename)
+	# Wrapper around the instance method's functionality
 	#
-	# Returns a new Nmap::Parser object, and passes it to a block if
-	# one is given
-	def self.parseread(obj) # :yields: parser
-		if not obj.respond_to?("read")
-			raise "Passed object must respond to read()"
-		end
+	# Returns a new Nmap::Parser object and yields it to a block if one is
+	# given
+
+	# :method: self.parseread(obj)
+	# Wrapper around the instance method's functionality
+	#
+	# Returns a new Nmap::Parser object and yields it to a block if one is
+	# given
+
+	# :method: self.parsescan(nmap,args,targets=[])
+	# Wrapper around the instance method's functionality
+	#
+	# Returns a new Nmap::Parser object and yields it to a block if one is
+	# given
 
-		r = obj.read
+	# :method: self.parsestring(str)
+	# Wrapper around the instance method's functionality
+	#
+	# Returns a new Nmap::Parser object and yields it to a block if one is
+	# given
 
-		if not r.is_a?(String)
-			raise "Passed object's read() must return a String (got #{r.class})"
+	#
+	["file", "read", "scan", "string"].each do |name|
+		meth = "parse#{name}"
+		self.class_eval("
+			def self.#{meth}(*args)
+				parser = self.new
+				parser.#{meth}(*args)
+				yield parser if block_given?
+				parser
+			end
+		")
+	end
+
+	# Read and parse XML from +obj+.  +obj+ can be any object responding
+	# to a read() method that returns a String (or something else responding
+	# to to_str()).  IO and File are just a couple of examples.
+	def parseread(obj)
+		if not obj.respond_to?(:read)
+			raise TypeError, "Passed object must respond to read()"
 		end
 
-		new(r) { |p| yield p if block_given? }
+		parsestring(obj.read)
 	end
 
 	# Read and parse the contents of the Nmap XML file +filename+
-	#
-	# Returns a new Nmap::Parser object, and passes it to a block if
-	# one is given
-	def self.parsefile(filename) # :yields: parser
-		begin
-			File.open(filename) { |f|
-				parseread(f) { |p| yield p if block_given? }
-			}
-		rescue
-			raise "Error parsing \"#{filename}\": #{$!}"
-		end
+	def parsefile(filename)
+		File.open(filename) { |f| parseread(f) }
+	rescue
+		raise $!.class, "Error parsing \"#{filename}\": #{$!}"
 	end
 
-	# Read and parse the String of XML.  Currently an alias for new().
-	#
-	# Returns a new Nmap::Parser object, and passes it to a block if
-	# one is given
-	def self.parsestring(str) # :yields: parser
-		new(str) { |p| yield p if block_given? }
+	# Read and parse a String (or something else responding to to_str()) of
+	# XML
+	def parsestring(str)
+		if not str.respond_to?(:to_str)
+			raise TypeError, "XML data should be a String, or must respond to to_str()"
+		end
+
+		parse(str.to_str)
 	end
 
-	# Runs "+nmap+ -d +args+ +targets+"; returns a new Nmap::Parser object,
-	# and passes it to a block if one is given.
+	# Essentially runs "+nmap+ -d +args+ +targets+"
 	#
 	# +nmap+ is here to allow you to do things like:
 	#
-	# parser = Nmap::Parser.parsescan("sudo ./nmap", ....)
+	# parser.parsescan("sudo ./nmap", arguments, targets)
 	#
-	# and still make it easy for me to inject the options for XML
-	# output and debugging.
+	# and still make it easy for me to inject the options for XML output
+	# and debugging.
 	#
-	# +args+ can't contain arguments like -oA, -oX, etc. as these can
+	# +args+ can't contain arguments like -oA, -oX, etc. as these could
 	# interfere with Parser's processing.  If you need that other output,
-	# just run Nmap yourself and pass -oX output to Parser via new.  Or,
-	# you can use rawxml to grab the whole XML (as a String) and save it
-	# to a different file.
+	# you could run Nmap yourself and just pass the -oX output to Parser.
+	# Or you could use rawxml to grab the XML from the scan and write it
+	# to a file, for example.
 	#
-	# +targets+ is an array of targets which will be split and appended to
-	# the command.  It's optional and only for convenience because you can
-	# put any targets you want scanned in +args+.
-	def self.parsescan(nmap, args, targets = []) # :yields: parser
-		if args =~ /[^-]-o|^-o/
-			raise "Output option (-o*) passed to parsescan()"
+	# +targets+ is an optional array of target specifications.  It's here
+	# only for convenience because you can also put any targets you want
+	# scanned in +args+ (which is what I tend to do unless I happen to
+	# already have a collection of targets as an array).
+	def parsescan(nmap, args, targets = [])
+		if args =~ /\s-o|^-o/
+			raise ArgumentError, "Output option (-o*) passed to parsescan()"
 		end
 
-		# Enable debugging, give us our XML output, pass args
-		command = nmap + " -d -oX - " + args + " "
-
-		command += targets.join(" ") if targets.any?
-
-		p = nil
+		# Enable debugging and XML; pass args and targets
+		command = "#{nmap} -d -oX - #{args} #{targets.join(" ")}"
 
 		begin
 			# First try popen3() if it loaded successfully..
 			Open3.popen3(command) do |sin, sout, serr|
-				p = parseread(sout)
+				parseread(sout)
 			end
 		rescue NameError
 			# ..but fall back to popen() if not
 			IO.popen(command) do |io|
-				p = parseread(io)
+				parseread(io)
 			end
 		end
-
-		yield p if block_given?
-
-		p
 	end
 
-	# Returns an array of Host objects, and passes them each to a block if
+	# Returns an array of Host objects and yields them each to a block if
 	# one is given
 	#
 	# If an argument is given, only hosts matching +status+ are given
+	#
+	# NOTE: Calling parser.hosts(status).size can be very different than
+	# running parser.session.numhosts(status) because the information there
+	# and here are coming from different places in the XML.  Nmap will not
+	# typically list individual hosts which it doesn't know or assume are
+	# "up".
 	def hosts(status = "") # :yields: host
-		shosts = []
-
-		@hosts.each do |host|
+		@hosts.map { |host|
 			if status.empty? or host.status == status
-				shosts << host
 				yield host if block_given?
+				host
 			end
-		end
-
-		shosts
+		}.compact
 	end
 
 	# Returns a Host object for the host with the specified IP address
@@ -284,11 +404,8 @@ class Nmap::Parser
 
 	# Deletes host with the specified IP address or hostname +hostip+
 	#
-	# Note: From inside of a block given to a method like hosts() or
-	# get_ips(), calling this method on a host passed to the block may
-	# lead to adverse effects:
-	#
-	# parser.hosts { |h| puts h.addr; parser.del_host(h) } # Don't do this!
+	# Calling this method from inside of a block given to a method like
+	# hosts() or get_ips() may lead to adverse effects.
 	def del_host(hostip)
 		@hosts.delete_if do |host|
 			host.addr == hostip or host.hostname == hostip
@@ -297,60 +414,148 @@ class Nmap::Parser
 
 	alias delete_host del_host
 
-	# Returns an array of IPs scanned, and passes them each to a
-	# block if one is given
+	# Returns an array of IPs scanned and yields them each to a block if
+	# one is given
 	#
 	# If an argument is given, only hosts matching +status+ are given
+	#
+	# NOTE: Calling parser.get_ips(status).size can be very different than
+	# running parser.session.numhosts(status) because the information there
+	# and here are coming from different places in the XML.  Nmap will not
+	# typically list individual hosts which it doesn't know or assume are
+	# "up".
 	def get_ips(status = "") # :yields: host.addr
-		ips = hosts(status).map { |h| h.addr }
+		hosts(status).map do |host|
+			yield host.addr if block_given?
+			host.addr
+		end
+	end
 
-		ips.each { |ip| yield host.addr } if block_given?
+	# This operator simply compares the rawxml members
+	def ==(pa)
+		@rawxml == pa.rawxml
+	end
+
+	# Returns a new Parser object with the following characteristics:
+	#  * rawxml = nil
+	#  * session = nil
+	#  * contains hosts from both operands.  If any of the hosts in the
+	#    first operand are also in the second (as determined by comparing
+	#    host.addr information), the duplicate hosts from the second one
+	#    are not available.
+	def +(pa)
+		return nil unless self.class == pa.class
+		n = Nmap::Parser.new
+		n.rawxml = nil
+		n.session = nil
+		[ self.hosts, pa.hosts ].each do |h|
+			n.addhosts(h)
+		end
+		n
+	end
 
-		ips
+	# Returns a boolean value depending on whether this object is just a
+	# combination of others (e.g. using +)
+	def combination?
+		rawxml.nil? and session.nil? and not @fresh
 	end
 
-	# This operator compares the rawxml members
-	def ==(parser)
-		@rawxml == parser.rawxml
+	protected
+
+	# :stopdoc:
+
+	attr_writer :rawxml, :session
+
+	def addhosts(a)
+		@hosts << a.find_all do |h|
+			not host(h.addr) # ignore dups
+		end
+		@fresh = false
+		@hosts.flatten!
 	end
 
 	private
 
-	def initialize(xml) # :yields: parser
-		if not xml.is_a?(String)
-			raise "Must be passed a String (got #{xml.class})"
+	def option_callback(callback)
+		return if callback.nil?
+
+		@callback = callback
+
+		klasses = []
+		klasses.push(Proc)
+		klasses.push(Method)
+		klasses.push(UnboundMethod) if defined?(UnboundMethod)
+
+		return if klasses.find do |klass|
+			@callback.instance_of?(klass)
 		end
 
-		parse(xml)
+		raise TypeError, "Bad callback type: must be a Proc, Method or UnboundMethod"
+	end
 
-		yield self if block_given?
+	def option_blinken(tty)
+		return if tty.nil? or not defined?(BlinkenLights)
+		path = (tty.instance_of?(String) and tty or "/dev/console")
+		@blinken = proc do
+			BlinkenLights.open(path, 0.2) do |lights|
+				lights.left_to_right while true
+			end
+		end
 	end
 
 	def parse(xml)
+		return unless @fresh
+
 		@rawxml = xml
 
-		begin
-			root = REXML::Document.new(xml).root
-		rescue
-			raise "Error parsing XML: #{$!}"
-		end
+		# :)
+		lthr = Thread.new { @blinken.call } if @blinken
 
-		raise "Error in XML data" if root.nil?
+		parser = Nmap::XmlParsing::MyParser.new(@callback)
+		REXML::Document.parse_stream(xml, parser)
 
-		@session = Session.new(root)
+		lthr.kill if @blinken
 
-		@hosts = root.elements.collect('host') do |host|
-			Host.new(host)
+		raise IOError, "Error parsing XML" unless parser.completed?
+
+		@session = parser.session
+
+		@hosts = parser.hosts
+
+		@fresh = false
+
+		true
+	end
+
+	# :startdoc:
+
+	# Creates a fresh Parser object, taking a hash of options as an optional
+	# argument.  Use the instance parsing methods to read in the XML and
+	# parse the data into the available classes.
+	#
+	# Returns the new Nmap::Parser object and yields it to a block if one is
+	# given
+	def initialize(opts = {}) # :yields: parser
+		@hosts = []
+		@fresh = true
+
+		opts.keys.each do |key|
+			begin
+				send("option_#{key}", opts[key])
+			rescue NoMethodError
+			end
 		end
+
+		yield self if block_given?
 	end
 end
 
 # This holds session information, such as runtime, Nmap's arguments,
 # and verbosity/debugging
 class Nmap::Parser::Session
-	# Holds the command run to initiate the scan
+	# Command run to initiate the scan
 	attr_reader :scan_args
-	# The Nmap version number used to scan
+	# Version number of the Nmap used to scan
 	attr_reader :nmap_version
 	# XML version of Nmap's output
 	attr_reader :xml_version
@@ -358,8 +563,12 @@ class Nmap::Parser::Session
 	attr_reader :start_str, :start_time
 	# Ending time
 	attr_reader :stop_str, :stop_time
-	# Total scan time in seconds (can differ from stop_time - start_time)
+	# Total scan time in seconds (could differ from stop_time - start_time)
 	attr_reader :scan_time
+	# Nmap's exit status ("success" or "error")
+	attr_reader :exit
+	# Nmap's error message if exit status is "error"
+	attr_reader :errormsg
 	# Amount of verbosity (-v) used while scanning
 	attr_reader :verbose
 	# Amount of debugging (-d) used while scanning
@@ -368,21 +577,28 @@ class Nmap::Parser::Session
 	alias verbosity verbose
 	alias debugging debug
 
+	# Returns the total number of hosts that were scanned or, if an
+	# argument is given, returns the number of hosts scanned that were
+	# matching +status+ (e.g. "up" or "down")
+	#
+	# NOTE: Calling parser.sessions.numhosts(status) can be very different
+	# than running parser.hosts(status).size because the information there
+	# and here are coming from different places in the XML.  Nmap will not
+	# typically list individual hosts which it doesn't know or assume are
+	# "up".
+	def numhosts(state = "")
+		@numhosts[state.empty? ? "total" : state]
+	end
+
 	# Returns the total number of services that were scanned or, if an
 	# argument is given, returns the number of services scanned for +type+
 	# (e.g. "syn")
 	def numservices(type = "")
-		total = 0
-
-		@scaninfo.each do |info|
-			if type.empty?
-				total += info.numservices
-			elsif info.type == type
-				return info.numservices
-			end
-		end
-
-		total
+		@scaninfo.find_all { |info|
+			type.empty? or info.type == type
+		}.inject(0) { |acc, info|
+			acc + info.numservices
+		}
 	end
 
 	# Returns the protocol associated with the specified scan +type+
@@ -395,17 +611,13 @@ class Nmap::Parser::Session
 		nil
 	end
 
-	# Returns an array of all the scan types performed, and passes them
+	# Returns an array of all the scan types performed and yields them
 	# each to a block if one if given
 	def scan_types() # :yields: scantype
-		types = []
-
-		@scaninfo.each do |info|
-			types << info.type
+		@scaninfo.map do |info|
 			yield info.type if block_given?
+			info.type
 		end
-
-		types
 	end
 
 	# Returns the scanflags associated with the specified scan +type+
@@ -420,32 +632,48 @@ class Nmap::Parser::Session
 
 	private
 
+	# :stopdoc:
+
 	def initialize(root)
 		parse(root)
 	end
 
 	def parse(root)
-		@scan_args = root.attributes['args']
+		@scan_args = root[:attrs]['args']
+
+		@nmap_version = root[:attrs]['version']
 
-		@nmap_version = root.attributes['version']
+		@xml_version = root[:attrs]['xmloutputversion'].to_f
 
-		@xml_version = root.attributes['xmloutputversion'].to_f
+		@start_str = root[:attrs]['startstr']
+		@start_time = root[:attrs]['start'].to_i
 
-		@start_str = root.attributes['startstr']
-		@start_time = root.attributes['start'].to_i
+		runstats = root[:kids].find_tag(:runstats)
+		finished = runstats[:kids].find_tag(:finished)
 
-		@stop_str = root.elements['runstats/finished'].attributes['timestr']
-		@stop_time = root.elements['runstats/finished'].attributes['time'].to_i
+		@stop_str = finished[:attrs]['timestr']
+		@stop_time = finished[:attrs]['time'].to_i
 
-		@scan_time = root.elements['runstats/finished'].attributes['elapsed'].to_f
+		elapsed = finished[:attrs]['elapsed']
+		@scan_time = elapsed ? elapsed.to_f : (@stop_time - @start_time).to_f
 
-		@verbose = root.elements['verbose'].attributes['level'].to_i
-		@debug = root.elements['debugging'].attributes['level'].to_i
+		@exit = finished[:attrs]['exit']
+		@errormsg = finished[:attrs]['errormsg']
+
+		@verbose = root[:kids].find_tag(:verbose)[:attrs]['level'].to_i
+		@debug = root[:kids].find_tag(:debugging)[:attrs]['level'].to_i
+
+		@numhosts = {}
+		runstats[:kids].find_tag(:hosts)[:attrs].each_pair do |k, v|
+			@numhosts[k] = v.to_i
+		end
 
-		@scaninfo = root.elements.collect('scaninfo') do |info|
+		@scaninfo = root[:kids].collect_tags(:scaninfo) do |info|
 			ScanInfo.new(info)
 		end
 	end
+
+	# :startdoc:
 end
 
 class Nmap::Parser::Session::ScanInfo # :nodoc: all
@@ -458,10 +686,10 @@ class Nmap::Parser::Session::ScanInfo # :nodoc: all
 	end
 
 	def parse(info)
-		@type = info.attributes['type']
-		@scanflags = info.attributes['scanflags']
-		@proto = info.attributes['protocol']
-		@numservices = info.attributes['numservices'].to_i
+		@type = info[:attrs]['type']
+		@scanflags = info[:attrs]['scanflags']
+		@proto = info[:attrs]['protocol']
+		@numservices = info[:attrs]['numservices'].to_i
 	end
 end
 
@@ -471,21 +699,21 @@ end
 # available in this class; either accessed through here or directly
 # from a Port object.
 class Nmap::Parser::Host
-	# The status of the host, typically "up" or "down"
+	# Status of the host, typically "up" or "down"
 	attr_reader :status
-	# The reason for the status
+	# Reason for the status
 	attr_reader :reason
-	# The IPv4 address
+	# IPv4 address
 	attr_reader :ip4_addr
-	# The IPv6 address
+	# IPv6 address
 	attr_reader :ip6_addr
-	# The MAC address
+	# MAC address
 	attr_reader :mac_addr
-	# The MAC vendor
+	# MAC vendor
 	attr_reader :mac_vendor
 	# OS object holding Operating System information
 	attr_reader :os
-	# The number of "weird responses"
+	# Number of "weird responses"
 	attr_reader :smurf
 	# TCP Sequence Number information
 	attr_reader :tcpsequence_index, :tcpsequence_class
@@ -514,45 +742,81 @@ class Nmap::Parser::Host
 		@ip4_addr or @ip6_addr
 	end
 
-	# Returns an array containing all of the hostnames for this host,
-	# and passes them each to a block if one is given
-	def all_hostnames
+	# Returns an array containing all of the hostnames for this host and
+	# yields them each to a block if one is given
+	def hostnames
 		@hostnames.each { |hostname| yield hostname } if block_given?
-
 		@hostnames
 	end
 
-	alias hostnames all_hostnames
+	alias all_hostnames hostnames
 
-	# Returns the first hostname, or nil if unavailable
+	# Returns the first hostname
 	def hostname
 		@hostnames[0]
 	end
 
-	# Returns an array of ExtraPorts objects, and passes them each to a
+	# Returns an array of ExtraPorts objects and yields them each to a
 	# block if one if given
 	def extraports # :yields: extraports
 		@extraports.each { |e| yield e } if block_given?
-
 		@extraports
 	end
 
-	# Returns the Port object for the TCP port +portnum+, and passes it to
-	# a block if one is given
-	def tcp_port(portnum) # :yields: port
-		port = @tcpPorts[portnum.to_i]
+	# Returns the Port object for the port +portnum+ of protocol +type+
+	# (:tcp, :udp, :sctp or :ip) and yields it to a block if one is given.
+	def getport(type, portnum) # :yields: port
+		type = type.to_sym
+
+		port = case type
+		when :tcp, :udp, :sctp, :ip
+			@ports[type][portnum.to_i]
+		else
+			raise ArgumentError, "Invalid protocol type"
+		end
+
 		yield port if block_given?
+
 		port
 	end
 
-	# Returns an array of Port objects for each TCP port, and passes them
-	# each to a block if one is given
+	# Returns an array of Port objects for each port of protocol +type+
+	# (:tcp, :udp, :sctp or :ip) and yields them each to a block if one is
+	# given
+	#
+	# If +type+ is :any rather than a protocol name, then matching ports
+	# from all protocols are given.
+	#
+	# If +type+ is an array, it's assumed to be filled with any combination
+	# of the aforementioned protocol types.  Some handling is done on the
+	# array, but you could do [:tcp, :udp, :any] if you really want.
 	#
-	# If an argument is given, only ports matching +state+ are given.  Note
+	# If +state+ is given, only ports matching that state are given.  Note
 	# that combinations like "open|filtered" will get matched by "open" and
 	# "filtered"
-	def tcp_ports(state = "")
-		list = @tcpPorts.values.find_all { |port|
+	def getports(type, state = "")
+		if type.instance_of?(Array)
+			list = type.flatten.uniq.inject([]) { |acc, typ|
+				acc + getports(typ, state)
+			}.sort
+
+			list.each { |port| yield port } if block_given?
+
+			return list
+		end
+
+		type = type.to_sym
+
+		ports = case type
+		when :tcp, :udp, :sctp, :ip
+			@ports[type].values
+		when :any
+			@ports.map { |ent| ent[1].values }.flatten
+		else
+			raise ArgumentError, "Invalid protocol type (#{type})"
+		end
+
+		list = ports.find_all { |port|
 			state.empty? or
 			port.state == state or
 			port.state.split(/\|/).include?(state)
@@ -563,209 +827,186 @@ class Nmap::Parser::Host
 		list
 	end
 
-	# Returns an array of TCP port numbers, and passes them each to a block
-	# if one given
+	# Returns an array of port numbers of protocol +type+ (:tcp, :udp, :sctp
+	# or :ip) and yields them each to a block if one given
 	#
-	# If an argument is given, only ports matching +state+ are given.
-	def tcp_port_list(state = "")
-		list = tcp_ports(state).map { |p| p.num }
-		list.each { |port| yield port } if block_given?
-		list
+	# If +state+ is given, only ports matching that state are given.  Note
+	# that combinations like "open|filtered" will get matched by "open" and
+	# "filtered"
+	def getportlist(type, state = "") # :yields: port
+		getports(type, state).map do |port|
+			yield port.num if block_given?
+			port.num
+		end
 	end
 
+	# :method: tcp_port(portnum)
+	# Just like getport(:tcp, +portnum+)
+
+	# :method: tcp_ports(state="")
+	# Just like getports(:tcp, +state+)
+
+	# :method: tcp_port_list(state="")
+	# Just like getportlist(:tcp, +state+)
+
+	# :method: tcp_state(portnum)
+	# Returns the state of TCP port +portnum+
+
+	# :method: tcp_reason(portnum)
 	# Returns the state reason of TCP port +portnum+
-	def tcp_reason(portnum)
-		port = tcp_port(portnum)
-		return nil if port.nil?
-		port.reason
-	end
 
+	# :method: tcp_service(portnum)
+	# Returns the Port::Service for TCP port +portnum+
+
+	# :method: tcp_script(portnum,name)
 	# Returns the Script object for the script +name+ run against the
 	# TCP port +portnum+
-	def tcp_script(portnum, name)
-		port = tcp_port(portnum)
-		return nil if port.nil?
-		port.script(name)
-	end
 
-	# Returns an array of Script objects for each script run on the
-	# TCP port +portnum+, and passes them each to a block if given
-	def tcp_scripts(portnum) # :yields: script
-		port = tcp_port(portnum)
-		return nil if port.nil?
-		port.scripts { |s| yield s } if block_given?
-		port.scripts
-	end
+	# :method: tcp_scripts(portnum)
+	# Returns an array of Script objects for each script run on the TCP
+	# port +portnum+ and yields them each to a block if one is given
 
+	# :method: tcp_script_output(portnum,name)
 	# Returns the output of the script +name+ on the TCP port +portnum+
-	def tcp_script_output(portnum, name)
-		port = tcp_port(portnum)
-		return nil if port.nil?
-		port.script_output(name)
-	end
 
-	# Returns a Port::Service object for TCP port +portnum+
-	def tcp_service(portnum)
-		port = tcp_port(portnum)
-		return nil if port.nil?
-		port.service
-	end
+	# :method: udp_port(portnum)
+	# Just like getport(:udp, +portnum+)
 
-	# Returns the state of TCP port +portnum+
-	def tcp_state(portnum)
-		port = tcp_port(portnum)
-		return nil if port.nil?
-		port.state
-	end
+	# :method: udp_ports(state="")
+	# Just like getports(:udp, +state+)
 
-	# Returns the Port object for the UDP port +portnum+, and passes it to
-	# a block if one is given
-	def udp_port(portnum) # :yields: port
-		port = @udpPorts[portnum.to_i]
-		yield port if block_given?
-		port
-	end
+	# :method: udp_port_list(state="")
+	# Just like getportlist(:udp, +state+)
 
-	# Returns an array of Port objects for each UDP port, and passes them
-	# each to a block if one is given
-	#
-	# If an argument is given, only ports matching +state+ are given.  Note
-	# that combinations like "open|filtered" will get matched by "open" and
-	# "filtered"
-	def udp_ports(state = "")
-		list = @udpPorts.values.find_all { |port|
-			state.empty? or
-			port.state == state or
-			port.state.split(/\|/).include?(state)
-		}.sort
-
-		list.each { |port| yield port } if block_given?
-
-		list
-	end
-
-	# Returns an array of UDP port numbers, and passes them each to a block
-	# if one is given
-	#
-	# If an argument is given, only ports matching +state+ are given.
-	def udp_port_list(state = "")
-		list = udp_ports(state).map { |p| p.num }
-		list.each { |port| yield port } if block_given?
-		list
-	end
+	# :method: udp_state(portnum)
+	# Returns the state of UDP port +portnum+
 
+	# :method: udp_reason(portnum)
 	# Returns the state reason of UDP port +portnum+
-	def udp_reason(portnum)
-		port = udp_port(portnum)
-		return nil if port.nil?
-		port.reason
-	end
 
+	# :method: udp_service(portnum)
+	# Returns the Port::Service for UDP port +portnum+
+
+	# :method: udp_script(portnum,name)
 	# Returns the Script object for the script +name+ run against the
 	# UDP port +portnum+
-	def udp_script(portnum, name)
-		port = udp_port(portnum)
-		return nil if port.nil?
-		port.script(name)
-	end
 
-	# Returns an array of Script objects for each script run on the
-	# UDP port +portnum+, and passes them each to a block if given
-	def udp_scripts(portnum) # :yields: script
-		port = udp_port(portnum)
-		return nil if port.nil?
-		port.scripts { |s| yield s } if block_given?
-		port.scripts
-	end
+	# :method: udp_scripts(portnum)
+	# Returns an array of Script objects for each script run on the UDP
+	# port +portnum+ and yields them each to a block if one is given
 
+	# :method: udp_script_output(portnum,name)
 	# Returns the output of the script +name+ on the UDP port +portnum+
-	def udp_script_output(portnum, name)
-		port = udp_port(portnum)
-		return nil if port.nil?
-		port.script_output(name)
-	end
 
-	# Returns a Port::Service object for UDP port +portnum+
-	def udp_service(portnum)
-		port = udp_port(portnum)
-		return nil if port.nil?
-		port.service
-	end
+	# :method: sctp_port(portnum)
+	# Just like getport(:sctp, +portnum+)
 
-	# Returns the state of UDP port +portnum+
-	def udp_state(portnum)
-		port = udp_port(portnum)
-		return nil if port.nil?
-		port.state
-	end
+	# :method: sctp_ports(state="")
+	# Just like getports(:sctp, +state+)
 
-	# Returns the Port object for the IP protocol +protonum+, and passes it
-	# to a block if one is given
-	def ip_proto(protonum) # :yields: proto
-		proto = @ipProtos[protonum.to_i]
-		yield proto if block_given?
-		proto
-	end
+	# :method: sctp_port_list(state="")
+	# Just like getportlist(:sctp, +state+)
 
-	# Returns an array of Port objects for each IP protocol, and passes
-	# them each to a block if one is given
-	#
-	# If an argument is given, only protocols matching +state+ are given.
-	# Note that combinations like "open|filtered" will get matched by
-	# "open" and "filtered"
-	def ip_protos(state = "")
-		list = @ipProtos.values.find_all { |proto|
-			state.empty? or
-			proto.state == state or
-			proto.state.split(/\|/).include?(state)
-		}.sort
+	# :method: sctp_state(portnum)
+	# Returns the state of SCTP port +portnum+
 
-		list.each { |proto| yield proto } if block_given?
+	# :method: sctp_reason(portnum)
+	# Returns the state reason of SCTP port +portnum+
 
-		list
-	end
+	# :method: sctp_service(portnum)
+	# Returns the Port::Service for SCTP port +portnum+
+
+	# :method: ip_proto(protonum)
+	# Just like getport(:ip, +protonum+)
+
+	# :method: ip_protos(state="")
+	# Just like getports(:ip, +state+)
+
+	# :method: ip_proto_list(state="")
+	# Just like getportlist(:ip, +state+)
+
+	# :method: ip_reason(protonum)
+	# Returns the state of IP proto +protonum+
+
+	# :method: ip_state(protonum)
+	# Returns the state reason of IP proto +protonum+
+
+	# :method: ip_service(protonum)
+	# Returns the Port::Service for IP proto +protonum+
 
-	# Returns an array of IP protocol numbers, and passes them each to a
-	# block if one given
 	#
-	# If an argument is given, only protocols matching +state+ are given.
-	def ip_proto_list(state = "")
-		list = ip_protos(state).map { |p| p.num }
-		list.each { |proto| yield proto } if block_given?
-		list
-	end
+	[
+		["tcp", "port"],
+		["udp", "port"],
+		["sctp", "port"],
+		["ip", "proto"]
+	].each do |type, prt|
+		self.class_eval("
+			def #{type}_#{prt}(portnum)
+				getport(:#{type}, portnum) do |p|
+					yield p if block_given?
+				end
+			end
 
-	# Returns the state reason of IP protocol +protonum+
-	def ip_reason(protonum)
-		proto = ip_proto(protonum)
-		return nil if proto.nil?
-		proto.reason
-	end
+			def #{type}_#{prt}s(state = '')
+				getports(:#{type}, state) do |p|
+					yield p if block_given?
+				end
+			end
 
-	# Returns a Port::Service object for IP protocol +protonum+
-	def ip_service(protonum)
-		proto = ip_proto(protonum)
-		return nil if proto.nil?
-		proto.service
-	end
+			def #{type}_#{prt}_list(state = '')
+				getportlist(:#{type}, state) do |p|
+					yield p if block_given?
+				end
+			end
+
+			def #{type}_state(portnum)
+				(#{type}_#{prt}(portnum) or return).state
+			end
+
+			def #{type}_reason(portnum)
+				(#{type}_#{prt}(portnum) or return).reason
+			end
+
+			def #{type}_service(portnum)
+				(#{type}_#{prt}(portnum) or return).service
+			end
+		")
 
-	# Returns the state of IP protocol +protonum+
-	def ip_state(protonum)
-		proto = ip_proto(protonum)
-		return nil if proto.nil?
-		proto.state
+		next unless ['tcp', 'udp'].include?(type)
+
+		self.class_eval("
+			def #{type}_script(portnum, name)
+				script = (#{type}_port(portnum) or return).script(name)
+				return if not script
+				yield script if block_given?
+				script
+			end
+
+			def #{type}_scripts(portnum)
+				port = #{type}_port(portnum) or return
+				port.scripts { |script| yield script } if block_given?
+				port.scripts
+			end
+		
+			def #{type}_script_output(portnum, name)
+				(#{type}_port(portnum) or return).script_output(name)
+			end
+		")
 	end
 
 	# Returns the Script object for the specified host script +name+
 	def script(name)
-		@scripts.find { |script| script.id == name }
+		sc = @scripts.find { |script| script.id == name }
+		return if not sc
+		yield sc if block_given?
+		sc
 	end
 
-	# Returns an array of Script objects for each host script run, and
-	# passes them each to a block if given
+	# Returns an array of Script objects for each host script run and
+	# yields them each to a block if given
 	def scripts
 		@scripts.each { |script| yield script } if block_given?
-
 		@scripts
 	end
 
@@ -780,49 +1021,47 @@ class Nmap::Parser::Host
 
 	private
 
-	def initialize(hostinfo)
-		parse(hostinfo)
-	end
+	# :stopdoc:
 
 	def parseAddr(elem)
-		case elem.attributes['addrtype']
+		case elem[:attrs]['addrtype']
 		when "mac"
-			@mac_addr = elem.attributes['addr']
-			@mac_vendor = elem.attributes['vendor']
+			@mac_addr = elem[:attrs]['addr']
+			@mac_vendor = elem[:attrs]['vendor']
 		when "ipv4"
-			@ip4_addr = elem.attributes['addr']
+			@ip4_addr = elem[:attrs]['addr']
 		when "ipv6"
-			@ip6_addr = elem.attributes['addr']
+			@ip6_addr = elem[:attrs]['addr']
 		end
 	end
 
 	def parseHostnames(elem)
 		@hostnames = []
 
-		return nil if elem.nil?
+		return if elem.nil?
 
-		@hostnames = elem.elements.collect('hostname') do |name|
-			name.attributes['name']
+		@hostnames = elem[:kids].collect_tags(:hostname) do |name|
+			name[:attrs]['name']
 		end
 	end
 
 	def parsePorts(ports)
-		@tcpPorts = {}
-		@udpPorts = {}
-		@ipProtos = {}
-
-		return nil if ports.nil?
-
-		ports.each_element('port') do |port|
-			num = port.attributes['portid'].to_i
-			proto = port.attributes['protocol']
-
-			if proto == "tcp"
-				@tcpPorts[num] = Port.new(port)
-			elsif proto == "udp"
-				@udpPorts[num] = Port.new(port)
-			elsif proto == "ip"
-				@ipProtos[num] = Port.new(port)
+		@ports = {
+			:tcp => {},
+			:udp => {},
+			:sctp => {},
+			:ip => {}
+		}
+
+		return if ports.nil?
+
+		ports[:kids].each_tag(:port) do |port|
+			num = port[:attrs]['portid'].to_i
+			proto = port[:attrs]['protocol'].to_sym
+
+			case proto
+			when :tcp, :udp, :sctp, :ip
+				@ports[proto][num] = Port.new(port)
 			end
 		end
 	end
@@ -830,104 +1069,107 @@ class Nmap::Parser::Host
 	def parseExtraPorts(ports)
 		@extraports = []
 
-		return nil if ports.nil?
+		return if ports.nil?
 
-		@extraports = ports.elements.collect('extraports') do |e|
+		@extraports = ports[:kids].collect_tags(:extraports) { |e|
 			ExtraPorts.new(e)
-		end
-
-		@extraports.sort!
+		}.sort
 	end
 
 	def parseScripts(scriptlist)
 		@scripts = []
 
-		return nil if scriptlist.nil?
+		return if scriptlist.nil?
 
-		@scripts = scriptlist.elements.collect('script') do |script|
+		@scripts = scriptlist[:kids].collect_tags(:script) do |script|
 			Script.new(script)
 		end
 	end
 
 	def tcpseq(seq)
-		return nil if seq.nil?
+		return if seq.nil?
 
-		@tcpsequence_index = seq.attributes['index']
-		@tcpsequence_class = seq.attributes['class']
-		@tcpsequence_values = seq.attributes['values']
-		@tcpsequence_difficulty = seq.attributes['difficulty']
+		@tcpsequence_index = seq[:attrs]['index'].to_i
+		@tcpsequence_class = seq[:attrs]['class']
+		@tcpsequence_values = seq[:attrs]['values']
+		@tcpsequence_difficulty = seq[:attrs]['difficulty']
 	end
 
 	def ipidseq(seq)
-		return nil if seq.nil?
+		return if seq.nil?
 
-		@ipidsequence_class = seq.attributes['class']
-		@ipidsequence_values = seq.attributes['values']
+		@ipidsequence_class = seq[:attrs]['class']
+		@ipidsequence_values = seq[:attrs]['values']
 	end
 
 	def tcptsseq(seq)
-		return nil if seq.nil?
+		return if seq.nil?
 
-		@tcptssequence_class = seq.attributes['class']
-		@tcptssequence_values = seq.attributes['values']
+		@tcptssequence_class = seq[:attrs]['class']
+		@tcptssequence_values = seq[:attrs]['values']
 	end
 
 	def uptime(time)
-		return nil if time.nil?
+		return if time.nil?
+
+		@uptime_seconds = time[:attrs]['seconds'].to_i
+		@uptime_lastboot = time[:attrs]['lastboot']
+	end
 
-		@uptime_seconds = time.attributes['seconds'].to_i
-		@uptime_lastboot = time.attributes['lastboot']
+	def initialize(hostinfo)
+		parse(hostinfo)
 	end
 
 	def parse(host)
-		status = host.elements['status']
+		status = host[:kids].find_tag(:status)
 
-		@status = status.attributes['state']
+		@status = status[:attrs]['state']
 
-		@reason = status.attributes['reason']
+		@reason = status[:attrs]['reason']
 
-		@os = OS.new(host.elements['os'])
+		@os = OS.new(host[:kids].find_tag(:os))
 
-		host.each_element('address') do |elem|
+		host[:kids].each_tag(:address) do |elem|
 			parseAddr(elem)
 		end
 
-		parseHostnames(host.elements['hostnames'])
+		parseHostnames(host[:kids].find_tag(:hostnames))
 
-		smurf = host.elements['smurf']
-		@smurf = smurf.attributes['responses'] if smurf
+		smurf = host[:kids].find_tag(:smurf)
+		@smurf = smurf[:attrs]['responses'] if smurf
 
-		ports = host.elements['ports']
+		ports = host[:kids].find_tag(:ports)
 
 		parsePorts(ports)
 
 		parseExtraPorts(ports)
 
-		parseScripts(host.elements['hostscript'])
+		parseScripts(host[:kids].find_tag(:hostscript))
 
-		if trace = host.elements['trace']
-			@traceroute = Traceroute.new(trace)
-		end
+		trace = host[:kids].find_tag(:trace)
+		@traceroute = Traceroute.new(trace) if trace
 
-		tcpseq(host.elements['tcpsequence'])
+		tcpseq(host[:kids].find_tag(:tcpsequence))
 
-		ipidseq(host.elements['ipidsequence'])
+		ipidseq(host[:kids].find_tag(:ipidsequence))
 
-		tcptsseq(host.elements['tcptssequence'])
+		tcptsseq(host[:kids].find_tag(:tcptssequence))
 
-		uptime(host.elements['uptime'])
+		uptime(host[:kids].find_tag(:uptime))
 
-		distance = host.elements['distance']
-		@distance = distance.attributes['value'].to_i if distance
+		distance = host[:kids].find_tag(:distance)
+		@distance = distance[:attrs]['value'].to_i if distance
 
-		@times = Times.new(host.elements['times'])
+		@times = Times.new(host[:kids].find_tag(:times))
 
-		stime = host.attributes['starttime']
+		stime = host[:attrs]['starttime']
 		@starttime = stime.to_i if stime
 
-		etime = host.attributes['endtime']
+		etime = host[:attrs]['endtime']
 		@endtime = etime.to_i if etime
 	end
+
+	# :startdoc:
 end
 
 # This holds information on the time statistics for this host
@@ -941,17 +1183,21 @@ class Nmap::Parser::Host::Times
 
 	private
 
+	# :stopdoc:
+
 	def initialize(times)
 		parse(times)
 	end
 
 	def parse(times)
-		return nil if times.nil?
+		return if times.nil?
 
-		@srtt = times.attributes['srtt'].to_i
-		@rttvar = times.attributes['rttvar'].to_i
-		@to = times.attributes['to'].to_i
+		@srtt = times[:attrs]['srtt'].to_i
+		@rttvar = times[:attrs]['rttvar'].to_i
+		@to = times[:attrs]['to'].to_i
 	end
+
+	# :startdoc:
 end
 
 # This holds the information about an NSE script run against a host or port
@@ -965,27 +1211,33 @@ class Nmap::Parser::Host::Script
 
 	private
 
+	# :stopdoc:
+
 	def initialize(script)
 		parse(script)
 	end
 
 	def parse(script)
-		return nil if script.nil?
+		return if script.nil?
 
-		@id = script.attributes['id']
-		@output = script.attributes['output']
+		@id = script[:attrs]['id']
+		@output = script[:attrs]['output']
 	end
+
+	# :startdoc:
 end
 
 # This holds the information about an individual port or protocol
 class Nmap::Parser::Host::Port
 	# Port number
 	attr_reader :num
+	# Port protocol ("tcp", "udp", etc)
+	attr_reader :proto
 	# Service object for this port
 	attr_reader :service
 	# Port state ("open", "closed", "filtered", etc)
 	attr_reader :state
-	# Why the port is in the state
+	# Reason for the port state
 	attr_reader :reason
 	# The host that responded, if different than the target
 	attr_reader :reason_ip
@@ -997,11 +1249,10 @@ class Nmap::Parser::Host::Port
 		@scripts.find { |script| script.id == name }
 	end
 
-	# Returns an array of Script objects associated with this port, and
-	# passes them each to a block if one is given
+	# Returns an array of Script objects associated with this port and
+	# yields them each to a block if one is given
 	def scripts
 		@scripts.each { |script| yield script } if block_given?
-
 		@scripts
 	end
 
@@ -1021,25 +1272,29 @@ class Nmap::Parser::Host::Port
 
 	private
 
+	# :stopdoc:
+
 	def initialize(portinfo)
 		parse(portinfo)
 	end
 
 	def parse(port)
-		@num = port.attributes['portid'].to_i
-
-		state = port.elements['state']
-		@state = state.attributes['state']
-		@reason = state.attributes['reason']
-		@reason_ttl = state.attributes['reason_ttl'].to_i
-		@reason_ip = state.attributes['reason_ip']
+		@num = port[:attrs]['portid'].to_i
+		@proto = port[:attrs]['protocol']
+		state = port[:kids].find_tag(:state)
+		@state = state[:attrs]['state']
+		@reason = state[:attrs]['reason']
+		@reason_ttl = state[:attrs]['reason_ttl'].to_i
+		@reason_ip = state[:attrs]['reason_ip']
 
 		@service = Service.new(port)
 
-		@scripts = port.elements.collect('script') do |script|
+		@scripts = port[:kids].collect_tags(:script) do |script|
 			Nmap::Parser::Host::Script.new(script)
 		end
 	end
+
+	# :startdoc:
 end
 
 # This holds the information about "extra ports": groups of ports which have
@@ -1052,13 +1307,12 @@ class Nmap::Parser::Host::ExtraPorts
 
 	# Returns an array of arrays, each of which are in the form of:
 	#
-	# [ <port count>, reason ]
+	# [ port count, reason ]
 	#
-	# for each set of reasons, and passes them each to a block if one is
+	# for each set of reasons and yields them each to a block if one is
 	# given
 	def reasons
 		@reasons.each { |reason| yield reason } if block_given?
-
 		@reasons
 	end
 
@@ -1069,30 +1323,34 @@ class Nmap::Parser::Host::ExtraPorts
 
 	private
 
+	# :stopdoc:
+
 	def initialize(extraports)
 		parse(extraports)
 	end
 
 	def parse(extraports)
-		@count = extraports.attributes['count'].to_i
-		@state = extraports.attributes['state']
+		@count = extraports[:attrs]['count'].to_i
+		@state = extraports[:attrs]['state']
 
 		@reasons = []
 
-		extraports.each_element('extrareasons') do |extra|
-			ecount = extra.attributes['count'].to_i
-			ereason = extra.attributes['reason']
+		extraports[:kids].each_tag(:extrareasons) do |extra|
+			ecount = extra[:attrs]['count'].to_i
+			ereason = extra[:attrs]['reason']
 			@reasons << [ ecount, ereason ]
 		end
 	end
+
+	# :startdoc:
 end
 
 # This holds information on a traceroute, such as the port and protocol used
 # and an array of responsive hops
 class Nmap::Parser::Host::Traceroute
-	# The port used during traceroute
+	# Port number used during traceroute
 	attr_reader :port
-	# The protocol used during traceroute
+	# Protocol used during traceroute
 	attr_reader :proto
 
 	# Returns the Hop object for the given TTL
@@ -1101,38 +1359,41 @@ class Nmap::Parser::Host::Traceroute
 	end
 
 	# Returns an array of Hop objects, which are each a responsive hop,
-	# and passes them each to a block if one if given.
+	# and yields them each to a block if one if given.
 	def hops
 		@hops.each { |hop| yield hop } if block_given?
-
 		@hops
 	end
 
 	private
 
+	# :stopdoc:
+
 	def initialize(trace)
 		parse(trace)
 	end
 
 	def parse(trace)
-		@port = trace.attributes['port'].to_i
-		@proto = trace.attributes['proto']
+		@port = trace[:attrs]['port'].to_i
+		@proto = trace[:attrs]['proto']
 
-		@hops = trace.each_element('hop') do |hop|
+		@hops = trace[:kids].collect_tags(:hop) do |hop|
 			Hop.new(hop)
 		end
 	end
+
+	# :startdoc:
 end
 
 # This holds information on an individual traceroute hop
 class Nmap::Parser::Host::Traceroute::Hop
 	# How many hops away the host is
 	attr_reader :ttl
-	# The round-trip time of the host
+	# Round-trip time of the host
 	attr_reader :rtt
-	# The IP address of the host
+	# IP address of the host
 	attr_reader :addr
-	# The hostname of the host
+	# Hostname of the host
 	attr_reader :hostname
 
 	alias host hostname 
@@ -1145,21 +1406,25 @@ class Nmap::Parser::Host::Traceroute::Hop
 
 	private
 
+	# :stopdoc:
+
 	def initialize(hop)
 		parse(hop)
 	end
 
 	def parse(hop)
-		@ttl = hop.attributes['ttl'].to_i
-		@rtt = hop.attributes['rtt'].to_f
-		@addr = hop.attributes['ipaddr']
-		@hostname = hop.attributes['host']
+		@ttl = hop[:attrs]['ttl'].to_i
+		@rtt = hop[:attrs]['rtt'].to_f
+		@addr = hop[:attrs]['ipaddr']
+		@hostname = hop[:attrs]['host']
 	end
+
+	# :startdoc:
 end
 
 # This holds the service information for a port
 class Nmap::Parser::Host::Port::Service
-	# The name of the service
+	# Name of the service
 	attr_reader :name
 	# Vendor name
 	attr_reader :product
@@ -1181,49 +1446,51 @@ class Nmap::Parser::Host::Port::Service
 	attr_reader :proto
 	# Extra misc. information about the service
 	attr_reader :extra
-	# The type of device the service is running on
+	# Type of device the service is running on
 	attr_reader :devicetype
-	# The OS the service is running on
+	# OS the service is running on
 	attr_reader :ostype
-	# The service fingerprint
+	# Service fingerprint
 	attr_reader :fingerprint
 
 	alias extrainfo extra
 
 	private
 
+	# :stopdoc:
+
 	def initialize(port)
 		parse(port)
 	end
 
 	def parse(port)
-		return nil if port.nil?
-
-		service = port.elements['service']
-
-		return nil if service.nil?
-
-		@name = service.attributes['name']
-		@product = service.attributes['product']
-		@version = service.attributes['version']
-		@method = service.attributes['method']
-		owner = port.elements['owner']
-		@owner = owner.attributes['name'] if owner
-		@tunnel = service.attributes['tunnel']
-		rpcnum = service.attributes['rpcnum']
+		service = port[:kids].find_tag(:service)
+
+		return if service.nil?
+
+		@name = service[:attrs]['name']
+		@product = service[:attrs]['product']
+		@version = service[:attrs]['version']
+		@method = service[:attrs]['method']
+		owner = port[:kids].find_tag(:owner)
+		@owner = owner[:attrs]['name'] if owner
+		@tunnel = service[:attrs]['tunnel']
+		rpcnum = service[:attrs]['rpcnum']
 		@rpcnum = rpcnum.to_i if rpcnum
-		lowver = service.attributes['lowver']
+		lowver = service[:attrs]['lowver']
 		@lowver = lowver.to_i if lowver
-		highver = service.attributes['highver']
+		highver = service[:attrs]['highver']
 		@highver = highver.to_i if highver
-		conf = service.attributes['conf']
+		conf = service[:attrs]['conf']
 		@confidence = conf.to_i if conf
-		@proto = service.attributes['proto']
-		@extra = service.attributes['extrainfo']
-		@devicetype = service.attributes['devicetype']
-		@ostype = service.attributes['ostype']
-		@fingerprint = service.attributes['servicefp']
+		@proto = service[:attrs]['proto']
+		@extra = service[:attrs]['extrainfo']
+		@devicetype = service[:attrs]['devicetype']
+		@ostype = service[:attrs]['ostype']
+		@fingerprint = service[:attrs]['servicefp']
 	end
+
+	# :startdoc:
 end
 
 # This holds the OS information from OS Detection
@@ -1231,19 +1498,17 @@ class Nmap::Parser::Host::OS
 	# OS fingerprint
 	attr_reader :fingerprint
 
-	# Returns an array of OSClass objects, and passes them each to a
-	# block if one is given
+	# Returns an array of OSClass objects and yields them each to a block
+	# if one is given
 	def osclasses
 		@osclasses.each { |osclass| yield osclass } if block_given?
-
 		@osclasses
 	end
 
-	# Returns an array of OSMatch objects, and passes them each to a
-	# block if one is given
+	# Returns an array of OSMatch objects and yields them each to a block
+	# if one is given
 	def osmatches
 		@osmatches.each { |osmatch| yield osmatch } if block_given?
-
 		@osmatches
 	end
 
@@ -1255,41 +1520,32 @@ class Nmap::Parser::Host::OS
 	# Returns OS class accuracy of the first OS class record, or Nth record
 	# as specified by +index+
 	def class_accuracy(index = 0)
-		return nil if @osclasses.empty?
-
-		@osclasses[index.to_i].accuracy
+		(@osclasses[index.to_i] or return).accuracy
 	end
 
+	# :method: osfamily(index=0)
 	# Returns OS family information of first OS class record, or Nth record
 	# as specified by +index+
-	def osfamily(index = 0)
-		return nil if @osclasses.empty?
-
-		@osclasses[index.to_i].osfamily
-	end
 
+	# :method: osgen(index=0)
 	# Returns OS generation information of first OS class record, or Nth
 	# record as specified by +index+
-	def osgen(index = 0)
-		return nil if @osclasses.empty?
-
-		@osclasses[index.to_i].osgen
-	end
 
+	# :method: ostype(index=0)
 	# Returns OS type information of the first OS class record, or Nth
 	# record as specified by +index+
-	def ostype(index = 0)
-		return nil if @osclasses.empty?
-
-		@osclasses[index.to_i].ostype
-	end
 
+	# :method: osvendor(index=0)
 	# Returns OS vendor information of the first OS class record, or Nth
 	# record as specified by +index+
-	def osvendor(index = 0)
-		return nil if @osclasses.empty?
 
-		@osclasses[index.to_i].osvendor
+	#
+	["family", "gen", "type", "vendor"].each do |name|
+		self.class_eval("
+			def os#{name}(index = 0)
+				(@osclasses[index.to_i] or return).os#{name}
+			end
+		")
 	end
 
 	# Returns the number of OS match records
@@ -1300,66 +1556,48 @@ class Nmap::Parser::Host::OS
 	# Returns name of first OS match record, or Nth record as specified by
 	# +index+
 	def name(index = 0)
-		return nil if @osmatches.empty?
-
-		@osmatches[index.to_i].name
+		(@osmatches[index.to_i] or return).name
 	end
 
 	# Returns OS name accuracy of the first OS match record, or Nth record
 	# as specified by +index+
 	def name_accuracy(index = 0)
-		return nil if @osmatches.empty?
-
-		@osmatches[index.to_i].accuracy
+		(@osmatches[index.to_i] or return).accuracy
 	end
 
-	# Returns an array of names from all OS records, and passes them each
-	# to a block if one is given
-	def all_names() # :yields: name
-		names = []
-
-		@osmatches.each do |match|
-			names << match.name
+	# Returns an array of names from all OS records and yields them each to
+	# a block if one is given
+	def names() # :yields: name
+		@osmatches.map do |match|
 			yield match.name if block_given?
+			match.name
 		end
-
-		names
 	end
 
-	alias names all_names
+	alias all_names names
 
 	# Returns the closed TCP port used for this OS Detection run
 	def tcpport_closed
-		return nil if @portsused.nil?
-
-		@portsused.each do |port|
-			if port.proto == "tcp" and port.state == "closed"
-				return port.num
-			end
-		end
-
-		nil
+		getportnum("tcp", "closed")
 	end
 
 	# Returns the open TCP port used for this OS Detection run
 	def tcpport_open
-		return nil if @portsused.nil?
-
-		@portsused.each do |port|
-			if port.proto == "tcp" and port.state == "open"
-				return port.num
-			end
-		end
-
-		nil
+		getportnum("tcp", "open")
 	end
 
 	# Returns the closed UDP port used for this OS Detection run
 	def udpport_closed
-		return nil if @portsused.nil?
+		getportnum("udp", "closed")
+	end
+
+	private
 
+	# :stopdoc:
+
+	def getportnum(proto, state)
 		@portsused.each do |port|
-			if port.proto == "udp" and port.state == "closed"
+			if port.proto == proto and port.state == state
 				return port.num
 			end
 		end
@@ -1367,8 +1605,6 @@ class Nmap::Parser::Host::OS
 		nil
 	end
 
-	private
-
 	def initialize(os)
 		parse(os)
 	end
@@ -1378,27 +1614,25 @@ class Nmap::Parser::Host::OS
 		@osclasses = []
 		@osmatches = []
 
-		return nil if os.nil?
+		return if os.nil?
 
-		@portsused = os.elements.collect('portused') do |port|
+		@portsused = os[:kids].collect_tags(:portused) do |port|
 			PortUsed.new(port)
 		end
 
-		@osclasses = os.elements.collect('osclass') do |osclass|
+		@osclasses = os[:kids].collect_tags(:osclass) { |osclass|
 			OSClass.new(osclass)
-		end
-
-		@osclasses.sort!.reverse!
+		}.sort.reverse
 
-		@osmatches = os.elements.collect('osmatch') do |match|
+		@osmatches = os[:kids].collect_tags(:osmatch) { |match|
 			OSMatch.new(match)
-		end
+		}.sort.reverse
 
-		@osmatches.sort!.reverse!
-
-		fp = os.elements['osfingerprint']
-		@fingerprint = fp.attributes['fingerprint'] if fp
+		fp = os[:kids].find_tag(:osfingerprint)
+		@fingerprint = fp[:attrs]['fingerprint'] if fp
 	end
+
+	# :startdoc:
 end
 
 class Nmap::Parser::Host::OS::PortUsed # :nodoc: all
@@ -1411,9 +1645,9 @@ class Nmap::Parser::Host::OS::PortUsed # :nodoc: all
 	end
 
 	def parse(ports)
-		@state = ports.attributes['state']
-		@proto = ports.attributes['proto']
-		@num = ports.attributes['portid'].to_i
+		@state = ports[:attrs]['state']
+		@proto = ports[:attrs]['proto']
+		@num = ports[:attrs]['portid'].to_i
 	end
 end
 
@@ -1437,17 +1671,21 @@ class Nmap::Parser::Host::OS::OSClass
 
 	private
 
+	# :stopdoc:
+
 	def initialize(osclass)
 		parse(osclass)
 	end
 
 	def parse(osclass)
-		@ostype = osclass.attributes['type']
-		@osvendor = osclass.attributes['vendor']
-		@osfamily = osclass.attributes['osfamily']
-		@osgen = osclass.attributes['osgen']
-		@accuracy = osclass.attributes['accuracy'].to_i
+		@ostype = osclass[:attrs]['type']
+		@osvendor = osclass[:attrs]['vendor']
+		@osfamily = osclass[:attrs]['osfamily']
+		@osgen = osclass[:attrs]['osgen']
+		@accuracy = osclass[:attrs]['accuracy'].to_i
 	end
+
+	# :startdoc:
 end
 
 # Holds information for an individual OS match record
@@ -1464,13 +1702,142 @@ class Nmap::Parser::Host::OS::OSMatch
 
 	private
 
+	# :stopdoc:
+
 	def initialize(os)
 		parse(os)
 	end
 
 	def parse(os)
-		@name = os.attributes['name']
-		@accuracy = os.attributes['accuracy'].to_i
+		@name = os[:attrs]['name']
+		@accuracy = os[:attrs]['accuracy'].to_i
+	end
+
+	# :startdoc:
+end
+
+# :stopdoc:
+
+#
+# Now for the actual XML parsing stuff for Nmap::Parser ...
+#
+
+class Nmap::XmlParsing::TagGroup < Array
+	def each_tag(name)
+		self.each { |tag| yield tag if match(tag, name) }
+	end
+
+	def collect_tags(name)
+		self.map { |tag| yield tag if match(tag, name) }.compact
+	end
+
+	def find_tag(name)
+		self.find { |tag| match(tag, name) }
+	end
+
+	private
+
+	def match(tag, name)
+		tag[:name] == name.to_sym
+	end
+end
+
+# Super simple!
+class Nmap::XmlParsing::Tag < Hash
+	private
+
+	def initialize(name, attrs)
+		self[:name] = name
+		self[:attrs] = attrs
+		self[:kids] = Nmap::XmlParsing::TagGroup.new
+	end
+end
+
+class Nmap::XmlParsing::MyParser
+	include Nmap
+
+	attr_reader :session
+	attr_reader :hosts
+
+	def tag_start(tag, attrs)
+		name = tag.to_sym
+
+		return if ignored(name)
+
+		kv = XmlParsing::Tag.new(name, attrs)
+
+		if @data.empty?
+			@data[name] = kv
+		else
+			@loc.last[:kids].push(kv)
+		end
+
+		@loc.push(kv)
+	end
+
+	def tag_end(tag)
+		name = tag.to_sym
+
+		return if ignored(name)
+
+		last = @loc.pop
+
+		case name
+		when :host
+			@hosts << Parser::Host.new(last)
+			@loc[@loc.size - 2][:kids].pop
+
+			if @callback
+				Thread.new(@hosts.last) do |host|
+					Thread.current[:cb] = true
+					@callback.call(host)
+				end
+			end
+		when :nmaprun
+			@session = Parser::Session.new(last)
+
+			if @callback and Thread.list.size > 1
+				Thread.list.reject { |t|
+					not t[:cb]
+				}.each { |t|
+					t.join
+				}
+			end
+		end
+	end
+
+	def method_missing(sym, *args)
+	end
+
+	def completed?
+		# @session becomes non-nil when <nmaprun> closes, which means
+		# we're done
+		@session ? true : false
+	end
+
+	private
+
+	# We don't want to store anything we don't care about!
+	IGNORED = [
+		:taskbegin,
+		:taskprogress,
+		:taskend,
+		# Zenmap uses this for screen output
+		:output
+	]
+
+	def ignored(name)
+		IGNORED.find { |ent| ent == name }
+	end
+
+	def initialize(callback)
+		@data = {}
+		@loc = []
+
+		@session = nil
+		@hosts = []
+
+		@callback = callback
 	end
 end