Nmap Development mailing list archives

Re: "dnet: Failed to open device" errors on AIX, as root

From: David Fifield <david () bamsoftware com>
Date: Wed, 21 Nov 2012 16:16:16 -0800

On Sun, Nov 11, 2012 at 12:14:47PM -0500, Ben Lentz wrote:

On 11/11/12 11:44 AM, David Fifield wrote:

On Sat, Nov 10, 2012 at 10:31:52AM -0500, Ben Lentz wrote:

I have downloaded and compiled Nmap 6.01 on AIX. Any time I perform
any type of scan, as root, on any IP address on the interface's
local network, I get the classic "dnet: Failed to open device"
error.

However, when I perform a scan of an IP or network that's off
network, it works just fine.

What's the output of these commands?
    nmap --iflist
    nmap --route-dst 10.0.17.1
    nmap --route-dst 10.0.18.1


W/root:

$ sudo nmap --iflist

Starting Nmap 6.01 ( http://nmap.org ) at 2012-11-11 12:10 EST
************************INTERFACES************************
DEV (SHORT) IP/MASK       TYPE     UP MTU   MAC
en2 (en2)   10.0.17.14/24 ethernet up 1500  9E:8B:F7:E6:00:0B
lo0 (lo0)   127.0.0.1/8   loopback up 16896
lo0 (lo0)   ::1/0         loopback up 16896

**************************ROUTES**************************
DST/MASK       DEV GATEWAY
10.0.17.255/32 en2 10.0.17.14
10.0.17.0/32   en2 10.0.17.14
10.0.17.14/32  lo0 127.0.0.1
10.0.17.0/24   en2 10.0.17.14
10.0.17.0/24   en2 10.0.17.14
127.0.0.0/8    lo0 127.0.0.1
0.0.0.0/0      en2 10.0.17.1

$ sudo nmap --route-dst 10.0.17.1
10.0.17.1
en2 en2 srcaddr 10.0.17.14 direct

$ sudo nmap --route-dst 10.0.18.1
10.0.18.1
en2 en2 srcaddr 10.0.17.14 nexthop 10.0.17.1


This is difficult to diagnose because we can't reproduce it. The reason
it fails only for on-link targets is because it's trying to do ARP scan,
which requires sending via an Ethernet handle, which is the part that's
failing. As a workaround, you can try the --send-ip option.

Here are some other things you can try:

Do you have /dev/bpf* devices?

Try running "sudo truss nmap --route-dst 10.0.17.1" and sending us the
truss log. This will show if there is a system call that is failing and
causing the error.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

"dnet: Failed to open device" errors on AIX, as root Ben Lentz (Nov 10)
- Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Nov 11)
  - Re: "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Nov 12)
    - Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Nov 21)
    - Re: "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Nov 22)
    - Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Nov 22)
    - Re: "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Nov 23)
    - Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Nov 23)
- <Possible follow-ups>
- "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Dec 07)
  - Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Dec 08)
    - Re: "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Dec 08)
    - Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Dec 10)
    - Re: "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Dec 10)
    - Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Dec 10)