Nmap Development mailing list archives
nmap won't work with policy route
From: Taburiss S <staburiss () gmail com>
Date: Fri, 1 Mar 2013 09:19:33 +0800
Hi ~ I'm trying to write a shell script to test every network interface in one server. I have some policy routing rules like below: #ip rule 0: from all lookup local 1: from <IP of ppp0> look up ppp0_RT // <-- (ppp0_RT = default via <gateway of ppp0>) 2: from <IP of ppp1> look up ppp1_RT // <-- (ppp1_RT = default via <gateway of ppp1>) 32766: from all lookup main 32767: from all lookup default And the main routing table is shown below Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.16.126.229 * 255.255.255.255 UH 0 0 0 ppp1 172.16.126.240 * 255.255.255.255 UH 0 0 0 ppp0 default * 0.0.0.0 U 0 0 0 ppp0 Since I want to test every ppp interface, I need to use nmap -e to specify an output interface like this: # nmap -e ppp0 -sP 8.8.8.8 This worked well, but # nmap -e ppp1 -sP 8.8.8.8 end up with an error: nexthost: failed to determine route to 8.8.8.8 I find that if ppp1 is not 'default' in main routing table, even I have a ip rule whose priority is higher than the main table, I can't use nmap -e to force my ping packet goes out through this ppp1 interface. The only way is to set it to the default dev in main table, but if I do that the same problem will happen to ppp0 which can not be 'default' anymore. In my opinion nmap should find the IP address of the interface that given by -e , and bind a raw socket to this IP, than send ICMP packet to 8.8.8.8. At this point my ip rules should work well, and the 'default' in main table should do nothing with this packet. Actually, I wrote a small program like that , and it do work well. I don't know what is happening in nmap -e and the iproute. Please kindly guide me to solve this problem.~ Have a nice day, every one. _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap won't work with policy route Taburiss S (Feb 28)
- Re: nmap won't work with policy route David Fifield (Mar 01)
- Re: nmap won't work with policy route John Bond (Mar 06)
- Re: nmap won't work with policy route John Bond (Mar 06)
- Re: nmap won't work with policy route John Bond (Mar 06)
- Re: nmap won't work with policy route David Fifield (Mar 07)
- Re: nmap won't work with policy route John Bond (Mar 07)
- Re: nmap won't work with policy route David Fifield (Mar 07)
- Re: nmap won't work with policy route John Bond (Mar 07)
- Re: nmap won't work with policy route John Bond (Mar 07)
- Re: nmap won't work with policy route John Bond (Mar 06)
- Re: nmap won't work with policy route David Fifield (Mar 01)
- Re: nmap won't work with policy route David Fifield (Mar 07)