Re: [bug] nexthost: failed to find route to XXX (directly connected, with --randomize-hosts)

[David Fifield <david () bamsoftware com>]

On Tue, Mar 27, 2012 at 09:42:24PM -0700, David Fifield wrote:
> On Mon, Mar 26, 2012 at 02:05:52PM -0500, Daniel Miller wrote:
> > List,
> >
> > Ran into what I think is a bug related to hostgroups and the
> > --randomize-hosts argument. Before I start speculating wildly,
> > here's what's going on:
> >
> > My subnet is XXX.XXX.64.0/21, my IP is XXX.XXX.69.208, and I want to
> > scan XXX.XXX.0.0/16. I am also using the --exclude-file option to
> > exclude about 6 /24 subnets, and using the --randomize-hosts
> > argument. Host discovery goes well, but during the port scan, I get
> > "nexthost: failed to find route to XXX.XXX.68.0", and the scan ends
> > prematurely.
>
> That's an interesting case. During the ping scan, is it breaking the
> targets into many tiny little hostgroups because the ones that are
> direct are not contiguous?
>
> > While investigating, I noticed that the target_needs_new_hostgroup
> > function in targets.cc checks for "Different direct connectedness,"
> > but the same function in nmap.cc does not. Is this something that
> > should be put there?
>
> Yes, probably, from a quick look. I only wonder about the tiny little
> hostgroups and if we should do something about that.

So I don't know why the two versions of target_needs_new_hostgroup
differ so much. I've just made it so they are the same, which will
hopefully solve the problem you saw.

I tried making a C++ template to abstract away the slight data structure
differences in the two versions of the function, but couldn't make that
work right away.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/