Nmap Development mailing list archives
Re: running out of BPF devices
From: Okan Demirmen <okan () demirmen com>
Date: Wed, 31 May 2006 13:12:04 -0400
On Wed 2006.05.24 at 02:16 +0200, rembrandt () jpberlin de wrote:
The only solution wich may helps you is adding more bpf-Devices in /dev. I pointed out to Okan that if you run out of bpf-Devices (with nmap 3.95, OpenBSD 3.9) nmap also has a lot other problems even if you just wnana scan localhost (wont work anymore... some errors..bla). Updating to 4.03 will fix this (also some mem-leaks but hell what`s going on... OpenBSD does not updated the nmap-port for 3.9-stable..) but you`ll still need to add more bpf-Devices. ;-/ If you?re running 3.95 on OpenBSD it will also crash (like 4.03 does) if you scan multible hosts (class-B nets) with f.e. (on OpenBSD) -T[0,1]. Agressiv-Scan works with 4.03 on my OpenBSD but your nmap does not crash (my does if I do scanning a lot Class-B nets..but "nobody" maintains class-B networks..or? *ironic*) it just claims there`s no free bpf-Device. Running out of bpf-Devices happens if you may have some other programs running already wich take one/many of the (in OpenBSD 10) bpd-Devices. F.e. tcpdump should be such a program or running multible nmap-scans at the same time in background. So simply adding more bpf-Devices with makedev should solve this problem.
i'm sorry, but i've been scanning *much much* larger networks than you describe here and i've never run out of bpf-devices. what are you guys doing? make sure you know what you are doing when you run nmap with root privileges. this has been documented in various places, but every privileged instance "uses" bpf(4) (to put it simply) - so don't expect parallel privileged nmap scans to not open a few more devices than what exists by default. also note: you'll recall that os fingerprinting does not have parallel capabilities (yet). so maybe adding more devices will help you get through the day, but know what you complicating or breaking; or worse yet, poluting your results. yet, i am still curious as to what you all are doing... _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- running out of BPF devices Petar Bogdanovic (May 13)
- Re: running out of BPF devices Petar Bogdanovic (May 13)
- Re: running out of BPF devices Okan Demirmen (May 13)
- Re: running out of BPF devices Petar Bogdanovic (May 14)
- Re: running out of BPF devices Okan Demirmen (May 23)
- Re: running out of BPF devices Petar Bogdanovic (May 14)
- <Possible follow-ups>
- Re: running out of BPF devices rembrandt (May 23)
- Re: running out of BPF devices Okan Demirmen (May 31)