Nmap Development mailing list archives
Re: Nmap labeled ethernet address problem
From: bensonk () acm wwu edu
Date: Tue, 29 Apr 2008 22:08:32 -0700
I looked into it a few days ago and came to a fairly similar conclusion, but wasn't confident enough in it to say anything to the mailing list. But, everything I found agreed with what Kris said. I also noticed that if you set an interface alias to something that doesn't start with "ifname:" the ifconfig tool completely pukes. So, I think it's either a problem with the "ip" tool, or whoever's architecting the networking API in linux not specifying clearly what aliases should look like. Benson On Tue, Apr 29, 2008 at 09:27:21PM -0500, Kris Katterjohn wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey Fyodor, Fyodor wrote:Nmap seems to quit when it encounters labeled ethernet addresses on Linux.<snip># ip addr add 1.1.1.1/32 dev eth0 label eth0vip # ip addr list dev eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:12:79:de:38:13 brd ff:ff:ff:ff:ff:ff inet 192.34.35.49/28 brd 192.34.35.63 scope global eth0 inet 1.1.1.1/32 scope global eth0vip inet6 fe80::212:79ff:fede:3813/64 scope link valid_lft forever preferred_lft forever # nmap -sP -PI 192.34.35.1-5 Starting Nmap 4.60 ( http://nmap.org ) at 2008-04-17 17:33 MDT Failed to determine the netmask of eth0vip!: No such device (19)I've been looking into this. It looks like "labels" are the same as the older "aliases", which are traditionally either the same name as the interface (as on BSD) or prefixed with the interface name and a colon (as on Solaris). Linux seems to support both. Nmap already knows about the colon notation: Strncpy(mydevs[numifaces].devname, ifr->ifr_name, [...]); /* devname isn't allowed to have alias qualification */ if ((p = strchr(mydevs[numifaces].devname, ':'))) *p = '\0'; I confirmed that using a label of "eth0:0" works as expected. After devname stuff, the netmask stuff is done: Strncpy(tmpifr.ifr_name, ifr->ifr_name, sizeof(tmpifr.ifr_name)); memcpy(&(tmpifr.ifr_addr), sin, [...]); rc = ioctl(sd, SIOCGIFNETMASK, &tmpifr); But notice that ifr->ifr_name is used rather than devname, so the SIOCGIFNETMASK apparently works for aliases and labels *if* they're in the right format. The ip manpage on my system says this about labels: "Each address may be tagged with a label string. In order to preserve compatibility with Linux-2.0 net aliases, this string must coincide with the name of the device or must be prefixed with the device name followed by colon." So it seems that Nmap isn't at fault, but rather the user for selecting the improper label and ip for not producing an error or warning. So given this, I'm not sure what should be done about it :)Cheers, -FThanks, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBSBfZB/9K37xXYl36AQLTPw//W6U3AEkbMuB4farS7sAjdwfY5ltpoRBu 7qkvKtpAMYyRmwUr/ZJyaLppmUUAtzmzX8t2cK9F5cLHor5Zbp+j4i+DoEiMrgD+ 4qtrDQ4h7WjNEljE5m5tZqhy/Oa9JD6LGwXLnhsNINi8jYz9+hBDii3fuQu1HLi8 ILEoRDmN3eEKooX9Fiexk8uDqF+O5TLpFNM08dP7+6nDHxXU+5sraF2IX28MHpZ6 SKGPu2qKhFd0hdeT+75qiNH447izp9d3B154blxyaf3hOjJ7Vv6Z0n25yRS2wgJk 4UCrhEPr2LFaH4xaQixYWh68q5WwoVmEZeHoeXDRKfv2V30Bj3tjq92ZzAR2iNf9 1WPPsy8ajcrMCVah3Ndityj2rq8eFR4CgvU9w3kQ0Sp8MK+UzJGGvypMz7tAb+PV nKibp29srfF2e+i0GWyeI9AvTHSmAY8m/wTdnBUapi5vV7iRBut5pNQGLPq6atAh 7B6+fiTdkjZZsz6A+rL9N7X/Cy3P6ZF0du1+O6MfnBeDTx1LZCeVlnGVLP8MVK6e gk6LSdQcmtrb3JTmsTNBO+SA6pGyNV+OdZb2xp6iepwrXfpWPn6OT2QOm7nDRic/ T/LW34BPYWhEy0KBtlWRpJ11cvd8EalZETG7f7CrW36Tdq6yLObKgxZ2KBdJZ3Xt IfjphZ5OCcc= =aC3+ -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Attachment:
_bin
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- Nmap labeled ethernet address problem Fyodor (Apr 19)
- Re: Nmap labeled ethernet address problem Kris Katterjohn (Apr 29)
- Re: Nmap labeled ethernet address problem bensonk (Apr 29)
- Re: Nmap labeled ethernet address problem Kris Katterjohn (Apr 30)
- Re: Nmap labeled ethernet address problem Fyodor (May 06)
- Re: Nmap labeled ethernet address problem bensonk (Apr 29)
- Re: Nmap labeled ethernet address problem Kris Katterjohn (Apr 29)