Nmap Development mailing list archives
Re: [PATCH]: Ignore VMWare Fusion interfaces on MACOSX
From: Fyodor <fyodor () insecure org>
Date: Wed, 29 Aug 2007 01:08:11 -0700
On Sat, Aug 25, 2007 at 02:55:07AM -0500, Kurt Grutzmacher wrote:
I'm not sure there's a way to separate bad interfaces from good ones without disrupting functionality of aborting on bad interfaces. Since getinterfaces() runs through every known interface displaying a message would be annoying and users attempting to nmap on interfaces that are invalid will just get no results.
I'm OK with not aborting on bad interfaces, as long as we at least give a warning about them. Maybe (as is common with the vmware interface case), someone is actually trying to scan on another interface, so the broken one need not be so much of a problem. If you get a chance, please try the patch below. I've committed it to SVN, though I'm kinda wary of comitting even tiny patches which I can't actually test (no Mac OS box yet). Cheers, -F Index: tcpip.cc =================================================================== --- tcpip.cc (revision 5699) +++ tcpip.cc (working copy) @@ -2778,9 +2778,10 @@ eth_t *ethsd = eth_open_cached(mydevs[numifaces].devname); eth_addr_t ethaddr; - if (!ethsd) - fatal("%s: Failed to open ethernet interface (%s). A possible cause on BSD operating systems is running out of BPF devices (see http://seclists.org/lists/nmap-dev/2006/Jan-Mar/0014.html).", __func__, - mydevs[numifaces].devname); + if (!ethsd) { + error("Warning: Unable to open interface %s -- skipping it.", mydevs[numifaces].devname); + continue; + } if (eth_get(ethsd, ðaddr) != 0) fatal("%s: Failed to obtain MAC address for ethernet interface (%s)", __func__, mydevs[numifaces].devname);
However if we just do this: if (!ethsd) { if (strncmp(mydevs[numifaces].devname, "vmnet", 5) != 0) fatal("%s: Failed to open ethernet interface (%s). A possible cause on BSD operating systems is running out of BPF devices (see http://seclists.org/lists/nmap-dev/2006/Jan-Mar/0014.html).\n", __func__, mydevs[numifaces].devname); continue; } Then OSX/Fusion users won't get the fatal, any attempt to nmap a Fusion interface will give a nexthost error (nexthost: failed to determine route) and when Fusion fixes their problem we won't need to make any changes because ethsd will be set. Still sort of a kludge but unless we change the return data from libdnet's eth_open() it's gonna be difficult to tell. -- ..:[ grutz at jingojango dot net ]:.. GPG fingerprint: 5FD6 A27D 63DB 3319 140F B3FB EC95 2A03 8CB3 ECB4 "There's just no amusing way to say, 'I have a CISSP'."
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [PATCH]: Ignore VMWare Fusion interfaces on MACOSX Kurt Grutzmacher (Aug 24)
- Re: [PATCH]: Ignore VMWare Fusion interfaces on MACOSX Fyodor (Aug 24)
- Re: [PATCH]: Ignore VMWare Fusion interfaces on MACOSX Kurt Grutzmacher (Aug 25)
- Re: [PATCH]: Ignore VMWare Fusion interfaces on MACOSX Fyodor (Aug 29)
- Re: [PATCH]: Ignore VMWare Fusion interfaces on MACOSX Daniel Johnson (Aug 29)
- Re: [PATCH]: Ignore VMWare Fusion interfaces on MACOSX Kurt Grutzmacher (Aug 31)
- Re: [PATCH]: Ignore VMWare Fusion interfaces on MACOSX Kurt Grutzmacher (Aug 25)
- Re: [PATCH]: Ignore VMWare Fusion interfaces on MACOSX Fyodor (Aug 24)