Nmap Announce mailing list archives

nmap, FreeBSD and ppp interface


From: Savva Uspensky <root () homepage ru>
Date: Thu, 21 Jan 1999 09:59:43 +0300 (MSK)

                        Hi, All!

        I found a problem when using nmap on FreeBSD 2.2.* with a
ppp interface (see pppd(8)). It didn't work at all. After some
investigation I discovered the following:

--- from tcpip.c ---
  switch(datalink) {
  case DLT_EN10MB: offset = 14; break;
  case DLT_IEEE802: offset = 22; break;
  case DLT_NULL: offset = 4; break;
  case DLT_SLIP: 
  case DLT_PPP: offset = 24; break;
  case DLT_RAW: offset = 0; break;
---
 
        So the PPP (and slip!) header length is 24. This is wrong at least for
FreeBSD. The PPP header length is defined in net/ppp_defs.h as follows:

#define PPP_HDRLEN      4       /* octets for standard ppp header */

        I changed 24 to 4 and it worked! BTW in Solaris the ppp header size is
defined in sys/ppp_sys.h (PPP_HDRSZ) and seems to be equal to 16.
        Some more food for thought:

--- from FreeBSD net/slip.h ---

/*
 * Definitions of the pseudo-link-level header attached to slip
 * packets grabbed by the packet filter (bpf) traffic monitor.
 */
#define SLIP_HDRLEN     16              /* BPF SLIP header length */

---

        Hope this will help.


/Savva (savva () homepage ru)
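
The offset mismatch described in the message above, as an added example that is not part of the original post or nmap's own code: it validates the bytes at a given link-layer offset before treating them as an IPv4 header. The names `link_type`, `link_offset_freebsd`, `ip_header_at` and the sample frame are hypothetical, and the frame is constructed (checksums left at zero).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-ins for libpcap's DLT_* constants so this builds without pcap headers. */
enum link_type { LINK_EN10MB, LINK_NULL, LINK_SLIP, LINK_PPP, LINK_RAW };

/* Link-header lengths for FreeBSD bpf captures, using the values quoted in
 * the post (PPP_HDRLEN = 4, SLIP_HDRLEN = 16). Other platforms differ. */
int link_offset_freebsd(enum link_type t)
{
    switch (t) {
    case LINK_EN10MB: return 14;
    case LINK_NULL:   return 4;
    case LINK_SLIP:   return 16;
    case LINK_PPP:    return 4;
    case LINK_RAW:    return 0;
    }
    return -1; /* unknown link type: refuse to guess */
}

/* Return the IPv4 header at `offset`, or NULL when the capture is too short
 * or the bytes there do not form a plausible IPv4 header. */
const uint8_t *ip_header_at(const uint8_t *frame, size_t caplen, int offset)
{
    if (offset < 0 || (size_t)offset + 20 > caplen)
        return NULL;
    const uint8_t *ip = frame + offset;
    unsigned version = ip[0] >> 4, ihl = (ip[0] & 0x0f) * 4u;
    unsigned total = ((unsigned)ip[2] << 8) | ip[3];
    if (version != 4 || ihl < 20 || total < ihl || (size_t)offset + ihl > caplen)
        return NULL;
    return ip;
}

/* Constructed sample: PPP header, IPv4 header (192.0.2.1 -> 192.0.2.2), TCP SYN. */
const uint8_t sample_ppp_frame[44] = {
    0xff, 0x03, 0x00, 0x21,
    0x45, 0x00, 0x00, 0x28, 0x00, 0x01, 0x00, 0x00, 0x40, 0x06, 0x00, 0x00,
    0xc0, 0x00, 0x02, 0x01, 0xc0, 0x00, 0x02, 0x02,
    0x04, 0xd2, 0x00, 0x50, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    0x50, 0x02, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00,
};
int main(void)
{
    int fixed = link_offset_freebsd(LINK_PPP);
    printf("offset 24: %s\n", ip_header_at(sample_ppp_frame, 44, 24) ? "IPv4" : "rejected");
    printf("offset %2d: %s\n", fixed, ip_header_at(sample_ppp_frame, 44, fixed) ? "IPv4" : "rejected");
    return 0;
}
```

With the old offset of 24 the parser lands on the TCP header of this frame, so the version check rejects it; with 4 it lands on the IPv4 header.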


