Nmap Development mailing list archives
Re: nexthost: failed to determine route to xxx.xxx.xxx.xxx
From: "Mauricio Brunstein" <mbrunstein () gmail com>
Date: Sun, 13 May 2007 16:10:55 -0300
Hi! I had the same problem with Nmap and found a workaround. I hope that it will be useful to you. I saw that making a change in the routing table, nmap worked normally. I tested a little bit my system and had no problems using it. I'm using OpenBSD 3.9 as a gateway/firewall to connect a network to the Internet (using pppoe), and it comes with Nmap 3.95. In the remaining of the text I replaced the values of the addresses of the ppp macro expansions in the following way: MYADDRESS: a.b.c.d HISADDRESS: e.f.g.h Normally when I connect to the Internet the interface tun0 is configured like this: mauro@migg:~ {102} ifconfig tun0 tun0: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1492 groups: tun egress inet a.b.c.d --> e.f.g.h netmask 0xffffffff And the routing tables are: mauro@migg:~ {67} sudo route show Routing tables Internet: Destination Gateway Flags Refs Use Mtu Interface default e.f.g.h UGS 0 165 - tun0 migg.labo migg.labo UH 0 0 33224 lo0 192.168.2/24 link#2 UC 0 0 - fxp1 e.f.g.h a.b.c.d UH 0 0 1492 tun0 The ppp.conf file is: default: set log Phase Chat LCP IPCP CCP tun command LQM nat enable yes iface clear INET disable ipv6cp nat same_ports yes nat use_sockets yes set device "!/usr/sbin/pppoe -v -i fxp0" set mtu 1492 set mru 1492 enable mssfixup set speed sync disable acfcomp protocomp deny acfcomp set authname YYYYYYY set openmode passive set authkey XXXXXX set ifaddr 10.0.0.1/0 10.0.0.2/0 add! default HISADDR enable lqr enable echo set lqrperiod 5 set echoperiod 5 enable dns The ppp.linkup file is: MYADDR: !bg /sbin/pfctl -f /etc/pf.conf In this condition I have the same problem with Nmap. But I changed the file ppp.linkup in the following way: MYADDR: !bg /sbin/pfctl -f /etc/pf.conf !bg /sbin/route change default -inet MYADDR -mtu 1492 Adding the second line, after the connection to the Internet, makes the routing table to look like this: mauro@migg:~ {73} sudo route show Routing tables Internet: Destination Gateway Flags Refs Use Mtu Interface default a.b.c.d UGS 0 2150 1492 tun0 migg.labo migg.labo UH 0 0 33224 lo0 192.168.2/24 link#2 UC 0 0 - fxp1 d.e.f.g a.b.c.d UH 0 0 1492 tun0 And in this manner I had no more problems with Nmap. I had not read the sources to know why the thing works in this manner, but my box is working fine. I hope that this helps to other people. Best regards, Mauricio _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Re: nexthost: failed to determine route to xxx.xxx.xxx.xxx Mauricio Brunstein (May 13)