Nmap Development mailing list archives

Solution to sendto() failures due to local firewall filtering outgoing packets


From: Fyodor <fyodor () insecure org>
Date: Wed, 28 May 2003 14:29:45 -0700

[ This is mostly for the benefit of google and people browsing the web
  archives. ]

I have received several problem reports of Nmap giving errors such as this:

sendto in send_tcp_raw: sendto(3, packet, 40, 0, 192.168.0.2, 16) => Operation not permitted

In most cases, the problem has been that their local firewall is
blocking the outgoing packets.  So your first test should probably be
whether (TEMPORARILY) disabling the firewall resolves the problem.  On
Linux, these iptables commands will generally do the trick:

# First of all, flush & delete any existing chains
iptables -F
iptables -X

# Set the default policies for built in chains to accept
iptables --policy INPUT ACCEPT
iptables --policy OUTPUT ACCEPT
iptables --policy FORWARD ACCEPT

If the above (or the equivalent on your OS/setup) resolve the issue,
then you should probably reenable your firewall and figure out exactly
what to tweak in order to allow outgoing Nmap scans without
compromising the security provided by your filters.  The problem is
generally in the 'output' rules, as Nmap can usually capture incoming
packets regardless of local firewall settings.

Cheers,
-F
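
Added example, not part of the original post: once the firewall is re-enabled, one way to find which output rules to tweak is to list every DROP or REJECT rule reachable from the OUTPUT chain. The function names, the EGRESS chain and the sample ruleset are constructed for illustration; the input is assumed to be in `iptables-save` format.

```shell
#!/bin/sh
# Added example (not from the original post). Reads `iptables-save` output on
# stdin and prints every DROP/REJECT rule reachable from the OUTPUT chain.
# On a live host, as root:  iptables-save | output_blockers
output_blockers() {
    awk '
    function walk(chain, depth,    i, t) {
        if (depth > 8) return                      # guard against jump loops
        for (i = 1; i <= count[chain]; i++) {
            t = target[chain, i]
            if (t == "DROP" || t == "REJECT") print table ": " rule[chain, i]
            else if (t in count) walk(t, depth + 1)   # user-defined chain
        }
    }
    function report() {
        if (policy != "" && policy != "ACCEPT")
            print table ": policy OUTPUT " policy
        walk("OUTPUT", 0)
        split("", count); split("", target); split("", rule); policy = ""
    }
    /^\*/       { table = substr($0, 2); next }    # table header, e.g. *filter
    /^:OUTPUT / { policy = $2; next }              # built-in chain policy
    /^-A / {
        c = $2; n = ++count[c]; rule[c, n] = $0; target[c, n] = ""
        for (i = 3; i < NF; i++)
            if ($i == "-j" || $i == "-g") target[c, n] = $(i + 1)
        next
    }
    /^COMMIT/   { report() }
    '
}

# Constructed sample ruleset, for illustration only.
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:EGRESS - [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp -m state --state INVALID -j DROP
-A OUTPUT -j EGRESS
-A EGRESS -p icmp -j ACCEPT
-A EGRESS -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF
}

sample_ruleset | output_blockers
```

Saving the ruleset with `iptables-save > rules.bak` before the flush lets `iptables-restore < rules.bak` put the original filters back after the test.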

