Nmap Development mailing list archives
Re: "dnet: Failed to open device" errors on AIX, as root
From: David Fifield <david () bamsoftware com>
Date: Thu, 22 Nov 2012 09:26:33 -0800
On Wed, Nov 21, 2012 at 09:19:37PM -0500, Ben Lentz wrote:
This is difficult to diagnose because we can't reproduce it. The reason it fails only for on-link targets is because it's trying to do ARP scan, which requires sending via an Ethernet handle, which is the part that's failing. As a workaround, you can try the --send-ip option. Here are some other things you can try: Do you have /dev/bpf* devices? Try running "sudo truss nmap --route-dst 10.0.17.1" and sending us the truss log. This will show if there is a system call that is failing and causing the error.Thanks for your reply, David! - Using --send-ip looks like it's able to work around this problem... I am able to complete scans on the system using --send-ip against the local 10.0.17.0/24 network. - My AIX 6.1 TL7 SP5 does appear to have /dev/bpf[0-3], as character devices, owned by root.system (0:0), with permission mode 0400. - I will attach the gzipped truss output from the following two commands:
Thanks for this output. I think I see what the bug is; in short, it looks like a known bug in AIX. "BIND TO AF_NDD ADDRESS INCORRECTLY FAILS WITH EEXISTS" http://www-01.ibm.com/support/docview.wss?uid=isg1IZ76058 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ67350 The important part of the truss output is 10485844: 95158519: socket(23, 2, 1) = 3 10485844: 95158519: bind(3, 0x2FF2024C, 36) Err#17 EEXIST 10485844: 95158519: close(3) = 0 which corresponds to this code in in libdnet-stripped/src/eth-ndd.c: if ((e->fd = socket(AF_NDD, SOCK_DGRAM, NDD_PROT_ETHER)) < 0) return (eth_close(e)); sa.sndd_8022_family = AF_NDD; sa.sndd_8022_len = sizeof(sa); sa.sndd_8022_filtertype = NS_ETHERTYPE; sa.sndd_8022_ethertype = ETH_TYPE_IP; sa.sndd_8022_filterlen = sizeof(struct ns_8022); strlcpy(sa.sndd_8022_nddname, device, sizeof(sa.sndd_8022_nddname)); if (bind(e->fd, (struct sockaddr *)&sa, sizeof(sa)) < 0) return (eth_close(e)); It looks like there is an update for the problem that you may be able to install. Short of that, I don't think there's anything we can do, so I hope the --send-ip workaround is good enough. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Nov 10)
- Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Nov 11)
- Re: "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Nov 12)
- Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Nov 21)
- Re: "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Nov 22)
- Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Nov 22)
- Re: "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Nov 23)
- Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Nov 23)
- Re: "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Nov 12)
- Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Nov 11)
- <Possible follow-ups>
- "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Dec 07)
- Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Dec 08)
- Re: "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Dec 08)
- Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Dec 10)
- Re: "dnet: Failed to open device" errors on AIX, as root Ben Lentz (Dec 10)
- Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Dec 10)
- Re: "dnet: Failed to open device" errors on AIX, as root David Fifield (Dec 08)