Nmap Development mailing list archives
Nmap issue : Error compiling our pcap filter: expression rejects all packets
From: "Thuse, Saurabh" <Saurabh_Thuse () bmc com>
Date: Wed, 29 Sep 2021 11:41:31 +0000
Hi All, We are getting below error with Nmap 7.91 while doing port scanning. Issue : Nmap port scan fails with Error compiling our pcap filter: expression rejects all packets Description : When we are running Nmap port scanning from Windows we get below error with details nmap.exe" -oX - --privileged --min-rtt-timeout 500ms -sS -sU -T4 -PE -p T:513,5985,5986,3940,5988,902,135,5989,80,21,22,23,443,U:161 10.77.160.110 10.66.0.112 10.97.128.111 172.29.0.113 107.0.0.112 10.4.0.114 10.4.0.112 10.72.0.112 172.25.0.113 169.254.0.58 169.254.0.113 172.19.0.110 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE nmaprun> <?xml-stylesheet href=file:///C:/Program Files/XX/OP/nmap/nmap.xsl type="text/xsl"?> <!-- Nmap 7.91 scan initiated Thu Sep 02 12:43:31 2021 as: "C:\\\\Program Files\\\\XX\\\\OP\\\\nmap\\\\nmap.exe" -oX - --privileged --min-rtt-timeout 500ms -sS -sU -T4 -PE -p T:513,5985,5986,3940,5988,902,135,5989,80,21,22,23,443,U:161 10.77.160.110 10.66.0.112 10.97.128.111 172.29.0.113 107.0.0.112 10.4.0.114 10.4.0.112 10.72.0.112 172.25.0.113 169.254.0.58 169.254.0.113 172.19.0.110 --> <nmaprun scanner="nmap" args=""C:\\\\Program Files\\\\XX\\\\OP\\\\nmap\\\\nmap.exe" -oX - --privileged --min-rtt-timeout 500ms -sS -sU -T4 -PE -p T:513,5985,5986,3940,5988,902,135,5989,80,21,22,23,443,U:161 10.77.160.110 10.66.0.112 10.97.128.111 172.29.0.113 107.0.0.112 10.4.0.114 10.4.0.112 10.72.0.112 172.25.0.113 169.254.0.58 169.254.0.113 172.19.0.110" start="1630579411" startstr="Thu Sep 02 12:43:31 2021" version="7.91" xmloutputversion="1.05"> <scaninfo type="syn" protocol="tcp" numservices="13" services="21-23,80,135,443,513,902,3940,5985-5986,5988-5989"/> <scaninfo type="udp" protocol="udp" numservices="1" services="161"/> <verbose level="0"/> <debugging level="0"/> <taskprogress task="Ping Scan" time="1630579412" percent="5.00" remaining="20" etc="1630579431"/> Error compiling our pcap filter: expression rejects all packets We then ran same command for only two problematic IPS: nmap.exe" -oX - --privileged --min-rtt-timeout 500ms -sS -sU -T4 -PE -p T:513,5985,5986,3940,5988,902,135,5989,80,21,22,23,443,U:161 169.254.0.58 169.254.0.113 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE nmaprun> <?xml-stylesheet href=file:///C:/Program Files/XX/OP/nmap/nmap.xsl type="text/xsl"?> <!-- Nmap 7.91 scan initiated Thu Sep 02 12:44:26 2021 as: "C:\\\\Program Files\\\\XX\\\\OP\\\\nmap\\\\nmap.exe" -oX - --privileged --min-rtt-timeout 500ms -sS -sU -T4 -PE -p T:513,5985,5986,3940,5988,902,135,5989,80,21,22,23,443,U:161 169.254.0.58 169.254.0.113 --> <nmaprun scanner="nmap" args=""C:\\\\Program Files\\\\XX\\\\OP\\\\nmap\\\\nmap.exe" -oX - --privileged --min-rtt-timeout 500ms -sS -sU -T4 -PE -p T:513,5985,5986,3940,5988,902,135,5989,80,21,22,23,443,U:161 169.254.0.58 169.254.0.113" start="1630579466" startstr="Thu Sep 02 12:44:26 2021" version="7.91" xmloutputversion="1.05"> <scaninfo type="syn" protocol="tcp" numservices="13" services="21-23,80,135,443,513,902,3940,5985-5986,5988-5989"/> <scaninfo type="udp" protocol="udp" numservices="1" services="161"/> <verbose level="0"/> <debugging level="0"/> Error compiling our pcap filter: expression rejects all packets We again ran same command, excluding two problematic IPS: This time it works nmap.exe" -oX - --privileged --min-rtt-timeout 500ms -sS -sU -T4 -PE -p T:513,5985,5986,3940,5988,902,135,5989,80,21,22,23,443,U:161 10.77.160.110 10.66.0.112 10.97.128.111 172.29.0.113 107.0.0.112 10.4.0.114 10.4.0.112 10.72.0.112 172.25.0.113 172.19.0.110 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE nmaprun> <?xml-stylesheet href=file:///C:/Program Files/XX/OP/nmap/nmap.xsl type="text/xsl"?> <!-- Nmap 7.91 scan initiated Thu Sep 02 12:44:53 2021 as: "C:\\\\Program Files\\\\XX\\\\OP\\\\nmap\\\\nmap.exe" -oX - --privileged --min-rtt-timeout 500ms -sS -sU -T4 -PE -p T:513,5985,5986,3940,5988,902,135,5989,80,21,22,23,443,U:161 10.77.160.110 10.66.0.112 10.97.128.111 172.29.0.113 107.0.0.112 10.4.0.114 10.4.0.112 10.72.0.112 172.25.0.113 172.19.0.110 --> <nmaprun scanner="nmap" args=""C:\\\\Program Files\\\\XX\\\\OP\\\\nmap\\\\nmap.exe" -oX - --privileged --min-rtt-timeout 500ms -sS -sU -T4 -PE -p T:513,5985,5986,3940,5988,902,135,5989,80,21,22,23,443,U:161 10.77.160.110 10.66.0.112 10.97.128.111 172.29.0.113 107.0.0.112 10.4.0.114 10.4.0.112 10.72.0.112 172.25.0.113 172.19.0.110" start="1630579493" startstr="Thu Sep 02 12:44:53 2021" version="7.91" xmloutputversion="1.05"> <scaninfo type="syn" protocol="tcp" numservices="13" services="21-23,80,135,443,513,902,3940,5985-5986,5988-5989"/> <scaninfo type="udp" protocol="udp" numservices="1" services="161"/> <verbose level="0"/> <debugging level="0"/> <runstats><finished time="1630579494" timestr="Thu Sep 02 12:44:54 2021" summary="Nmap done at Thu Sep 02 12:44:54 2021; 10 IP addresses (0 hosts up) scanned in 1.73 seconds" elapsed="1.73" exit="success"/><hosts up="0" down="10" total="10"/> </runstats> </nmaprun> We then ran same commands by connecting to our corporate network (VPN) and all commands pass just fine. Please refer attached output. So we want to know why we get error for 169.x series of IPS? Is this known issue? Thanks, Saurabh Thuse ________________________________ Saurabh Thuse Lead Product Developer BMC Discovery www.bmc.com Office Phone +91-20-40175748 Wing 1, Tower B, Business Bay, Airport Road, Yerwada, Pune - 411006 India [cid:image001.png@01D7B54A.0C2E3080]<http://www.bmc.com/>
Attachment:
nmap_queries.txt
Description: nmap_queries.txt
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Nmap issue : Error compiling our pcap filter: expression rejects all packets Thuse, Saurabh (Sep 29)