[bug] nexthost: failed to find route to XXX (directly connected, with --randomize-hosts)

[Daniel Miller <bonsaiviking () gmail com>]

List,

Ran into what I think is a bug related to hostgroups and the 
--randomize-hosts argument. Before I start speculating wildly, here's 
what's going on:

My subnet is XXX.XXX.64.0/21, my IP is XXX.XXX.69.208, and I want to 
scan XXX.XXX.0.0/16. I am also using the --exclude-file option to 
exclude about 6 /24 subnets, and using the --randomize-hosts argument. 
Host discovery goes well, but during the port scan, I get "nexthost: 
failed to find route to XXX.XXX.68.0", and the scan ends prematurely.

While investigating, I noticed that the target_needs_new_hostgroup 
function in targets.cc checks for "Different direct connectedness," but 
the same function in nmap.cc does not. Is this something that should be 
put there?

I did a small test trying to get --randomize-hosts to mix directly and 
not-directly connected addresses, but I couldn't get it to work, 
primarily because I'm on a NAT'ed /24, so I can't specify a single CIDR 
that contains both types of addresses.

Any thoughts would be appreciated.

Dan
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/