Nmap Development mailing list archives
Re: nmap won't work with policy route
From: John Bond <john.r.bond () gmail com>
Date: Thu, 7 Mar 2013 12:02:48 +0100
Hi David, This patch dose improve things. nmap now picks the correct source address but it is still arping. So it is now doing the same as ping but it is not as good as traceroute. im at a bit of a loss on what other information is of use in trying to debug this, if you have any ideas let me know Regards John On 7 March 2013 11:39, David Fifield <david () bamsoftware com> wrote:
On Wed, Mar 06, 2013 at 08:34:48PM +0100, John Bond wrote:I took a quick look at this on a system where we have a similar routing config. See below for details. I tried with nmap 5.5* (what ever is in centos 6.3) and i got the error described in the original email and--route-dstis unavailable. using the version from nmap i get the following sudo ./nmap -e eth0 --route-dst 8.8.8.8 Starting Nmap 6.26SVN ( http://nmap.org ) at 2013-03-06 19:24 UTC 8.8.8.8 eth0 eth0 srcaddr 192.0.2.115 nexthop 192.0.2.126 sudo ./nmap -e eth1 --route-dst 8.8.8.8 Starting Nmap 6.26SVN ( http://nmap.org ) at 2013-03-06 19:24 UTC 8.8.8.8 eth1 eth1 srcaddr 192.0.2.102 nexthop 192.0.2.97 So everything at this point looks correct; however when i do the actual scan i notice that the wrong source address is selected. sudo ./nmap -e eth0 -sP 8.8.8.8 19:27:24.359034 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 8.8.8.8 tell 192.0.2.102, length 28 as an FYI using ping picks the correct source ping -I eth0 8.8.8.8 18:53:35.791022 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 8.8.8.8 tell 192.0.2.115, length 28Thank you for checking this, John. I'd like you to please try this patch and see if it resolves the problem. It provides the desired output interface (RTA_OIF) to the netlink interface to help it make its routing decision. David Fifield
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- nmap won't work with policy route Taburiss S (Feb 28)
- Re: nmap won't work with policy route David Fifield (Mar 01)
- Re: nmap won't work with policy route John Bond (Mar 06)
- Re: nmap won't work with policy route John Bond (Mar 06)
- Re: nmap won't work with policy route John Bond (Mar 06)
- Re: nmap won't work with policy route David Fifield (Mar 07)
- Re: nmap won't work with policy route John Bond (Mar 07)
- Re: nmap won't work with policy route David Fifield (Mar 07)
- Re: nmap won't work with policy route John Bond (Mar 07)
- Re: nmap won't work with policy route John Bond (Mar 07)
- Re: nmap won't work with policy route John Bond (Mar 06)
- Re: nmap won't work with policy route David Fifield (Mar 01)
- Re: nmap won't work with policy route David Fifield (Mar 07)