Nmap Development mailing list archives
Re: 'nmap -S <src_addr>' does not use 'iproute2' alternate routing table
From: David Fifield <david () bamsoftware com>
Date: Tue, 11 Sep 2012 20:49:18 -0700
On Tue, Sep 11, 2012 at 11:41:07AM -0700, David Fifield wrote:
> On Tue, Sep 11, 2012 at 01:38:10PM -0400, starlight.2012q3 () binnacle cx wrote:
> > At 07:13 PM 9/10/2012 -0700, David Fifield wrote:
> > > Please try this patch, with both --send-ip and --send-eth. The patch
> > > causes route_dst_netlink to add extra specifiers for the source address.
> >
> > Cool. It works as desired with --send-eth, but not with --send-ip.
> > The commands used (carefully pasted) were
> >
> > nmap -e eth4 -S 172.29.86.4 --send-eth -Pn 69.160.42.66
> >
> > and
> >
> > nmap -e eth4 -S 172.29.86.4 --send-ip -Pn 69.160.42.66
> >
> > (Destination address is spammer IP)
> >
> > When the above lines have --route_dst and --iflist added
> > the results look the same as before.
> >
> > I see in the patch that 'nmap' is making use of a Linux kernel
> > routing facility when actually sending packets. With --send-ip
> > traffic is sent out 'eth5' and is directed to the MAC of the
> > 172.29.79.2 router address for that link.
>
> That's good to hear. We are making progress. I've committed this patch
> that makes --send-eth work. I will look at why --send-ip does not choose
> the same route.

This seems to be working for me now; please check if it is for you. This
is the test configuration I set up:

$ ip rule show
0: from all lookup local
32765: from 172.29.86.4 lookup 14
32766: from all lookup main
32767: from all lookup default
$ ip route show table 14
default via 192.168.0.2 dev br0
172.29.86.0/24 dev eth0 scope link src 172.29.86.4
$ ip route show table main
default via 192.168.0.1 dev br0
172.29.0.0/16 dev eth0 proto kernel scope link src 172.29.86.4
192.168.0.0/24 dev br0 proto kernel scope link src 192.168.0.21
$ ./nmap -S 172.29.86.4 -e eth0 --route-dst scanme.nmap.org
74.207.244.221
eth0 eth0 srcaddr 172.29.86.4 nexthop 192.168.0.2

Both --send-ip and --send-eth try to route through 192.168.0.2, and I can
see in tcpdump that it is sending packets to that IP address's QEMU MAC
address. I think --send-ip needed a little time for an ARP entry to
expire or something.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
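An added illustration, not part of the original message and not Nmap's code: a simplified Python model of Linux policy-routing lookup over the rules and tables quoted in the message, showing why a route query has to carry the source address before the "from 172.29.86.4" rule can select table 14. The `lookup` function and its data layout are hypothetical; the `local` and `default` tables are left empty because the message does not show them, and the effect of `-e` on the reported device is not modelled.

```python
import ipaddress

# Constructed from the test configuration quoted in the message above.
RULES = [  # (priority, "from" selector or None for "from all", table)
    (0, None, "local"),
    (32765, "172.29.86.4", "14"),
    (32766, None, "main"),
    (32767, None, "default"),
]
TABLES = {  # table -> [(prefix, gateway or None for on-link, device)]
    "local": [],    # contents not shown in the message (assumption: empty)
    "default": [],  # contents not shown in the message (assumption: empty)
    "14": [("0.0.0.0/0", "192.168.0.2", "br0"),
           ("172.29.86.0/24", None, "eth0")],
    "main": [("0.0.0.0/0", "192.168.0.1", "br0"),
             ("172.29.0.0/16", None, "eth0"),
             ("192.168.0.0/24", None, "br0")],
}

def lookup(dst, src=None):
    """Return (table, gateway, device) for dst, walking rules by priority."""
    dst_ip = ipaddress.ip_address(dst)
    for _prio, selector, table in sorted(RULES, key=lambda r: r[0]):
        if selector is not None:
            # A "from X" rule matches only if the query supplies that source.
            if src is None:
                continue
            if ipaddress.ip_address(src) not in ipaddress.ip_network(selector):
                continue
        best = None
        for prefix, gateway, device in TABLES[table]:
            net = ipaddress.ip_network(prefix)
            # Longest-prefix match within the selected table.
            if dst_ip in net and (best is None or net.prefixlen > best[0]):
                best = (net.prefixlen, gateway, device)
        if best is not None:
            return table, best[1], best[2]
        # No route in this table: fall through to the next rule.
    return None

if __name__ == "__main__":
    print("no source:  ", lookup("74.207.244.221"))
    print("with source:", lookup("74.207.244.221", "172.29.86.4"))
```

On a live Linux host the equivalent check is `ip route get <dst> from <src>`, which asks the kernel for the same source-qualified decision.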