Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PATCH]: Ignore VMWare Fusion interfaces on MACOSX

From: Fyodor <fyodor () insecure org>
Date: Wed, 29 Aug 2007 01:08:11 -0700
On Sat, Aug 25, 2007 at 02:55:07AM -0500, Kurt Grutzmacher wrote:


I'm not sure there's a way to separate bad interfaces from good ones
without disrupting functionality of aborting on bad interfaces. Since
getinterfaces() runs through every known interface displaying a message
would be annoying and users attempting to nmap on interfaces that are
invalid will just get no results.


I'm OK with not aborting on bad interfaces, as long as we at least
give a warning about them.  Maybe (as is common with the vmware
interface case), someone is actually trying to scan on another
interface, so the broken one need not be so much of a problem.  If you
get a chance, please try the patch below.  I've committed it to SVN,
though I'm kinda wary of comitting even tiny patches which I can't
actually test (no Mac OS box yet).

Cheers,
-F

Index: tcpip.cc
===================================================================
--- tcpip.cc    (revision 5699)
+++ tcpip.cc    (working copy)
@@ -2778,9 +2778,10 @@
        eth_t *ethsd = eth_open_cached(mydevs[numifaces].devname);
        eth_addr_t ethaddr;

-       if (!ethsd)
-         fatal("%s: Failed to open ethernet interface (%s). A possible cause on BSD operating systems is running out 
of BPF devices (see http://seclists.org/lists/nmap-dev/2006/Jan-Mar/0014.html).", __func__,
-               mydevs[numifaces].devname);
+       if (!ethsd) {
+         error("Warning: Unable to open interface %s -- skipping it.", mydevs[numifaces].devname);
+         continue;
+       }
        if (eth_get(ethsd, &ethaddr) != 0)
          fatal("%s: Failed to obtain MAC address for ethernet interface (%s)",
                __func__, mydevs[numifaces].devname);











However if we just do this:

if (!ethsd) {
  if (strncmp(mydevs[numifaces].devname, "vmnet", 5) != 0) 
    fatal("%s: Failed to open ethernet interface (%s). A possible cause on BSD operating systems is running out of 
BPF devices (see http://seclists.org/lists/nmap-dev/2006/Jan-Mar/0014.html).\n", __func__,
      mydevs[numifaces].devname);
  continue;
}

Then OSX/Fusion users won't get the fatal, any attempt to nmap a Fusion
interface will give a nexthost error (nexthost: failed to determine route)
and when Fusion fixes their problem we won't need to make any changes
because ethsd will be set. Still sort of a kludge but unless we change
the return data from libdnet's eth_open() it's gonna be difficult to tell.


-- 
                 ..:[ grutz at jingojango dot net ]:..
     GPG fingerprint: 5FD6 A27D 63DB 3319 140F  B3FB EC95 2A03 8CB3 ECB4
      "There's just no amusing way to say, 'I have a CISSP'."






_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: