|
Nmap Development
mailing list archives
Re: WARNING: Unable to find appropriate interface for system route to ...
From: kx <kxmail () gmail com>
Date: Tue, 18 Apr 2006 20:31:24 -0400
Thanks clozapina! You are a fricking hero. I however, am an nmap
n00b. 3.84 was the first version to include dnet and the whole rework
of that infrastructure. I should have known better.
Looking back at 3.81, it appears as though the routethrough function
in tcpip.cc was responsible for some of the same work that route_dst
does now. Not sure if we need to add some logic back in from that, but
let me ramble some more.
A question I have, could someone send me the output when they specify
the -e output? I could use that error message if any.
Again, I don't have a *BSD box, but here is my take at what is going on:
Getting the routes from Linux-style /proc/net/route isn't working. So
nmap tries to get the routes with dnet via, collect_dnet_routes(),
which is the call that produces the error("WARNING: Unable to find
appropriate interface for system route to %s\n",
addr_ntoa(&entry->route_gw)); I was focusing on the "nexthost" error
in earlier emails, which is a result of this.
The good news, is that nmap knows what gateway to use, but it can't
determine the interface to fill in the route table.
This the code in collect_dnet_routes that is failing, probably due to
failure to match the mask bits and then nmap thinks we aren't on the
same subnet? I am not familiar with ppp, pppoe, or tun interfaces. Is
the default mask not /0? If anyone could take a look at the values in
this loop, it would help for sure.
/* Now determine which interface the route relates to */
u32 mask;
struct sockaddr_in *sin;
for(i = 0; i < dcrn->numifaces; i++) {
sin = (struct sockaddr_in *) &dcrn->ifaces[i].addr;
mask = htonl((unsigned long) (0-1) << (32 - dcrn->ifaces[i].netmask_bits));
if ((sin->sin_addr.s_addr & mask) == (entry->route_gw.addr_ip & mask)) {
dcrn->routes[dcrn->numroutes].device = &dcrn->ifaces[i];
break;
}
}
Last if not least, it is a hack, but we could consider adding a
--next_hop option to force a next hop, and it would complete the -e
and -S options we have now.
Cheers,
kx
On 4/18/06, clozapina <clozapina () gmail com> wrote:
Ciao hx,
here your request, starting from the end ;-):
3.81 configure and make: work
3.84alfa1 configure and make: don't work
3.84alfa2 configure and make: don't work
3.90 configure and make: don't work
4.01 configure and make: don't work
4.02alfa2 configure and make: don't work
ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:0a:95:xx:xx:xx
media: autoselect (none) status: inactive
supported media: none autoselect 10baseT/UTP <half-duplex>
10baseT/UTP <full-duplex> 10baseT/UTP <full-duplex,hw-loopback>
100baseTX <half-duplex> 100baseTX <full-duplex> 100baseTX <full-
duplex,hw-loopback>
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:0d:93:xx:xx:xx
media: autoselect (<unknown type>) status: inactive
supported media: autoselect
fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 2030
lladdr 00:0a:95:xx:xx:xx:xx:xx
media: autoselect <full-duplex> status: inactive
supported media: autoselect <full-duplex>
ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet 217.201.16.30 --> 217.200.178.19 netmask 0xffffff00
./nmap --iflist
Starting Nmap 4.01 ( http://www.insecure.org/nmap/ ) at 2006-04-18
18:38 CEST
************************INTERFACES************************
DEV (SHORT) IP/MASK TYPE UP MAC
lo0 (lo0) 127.0.0.1/8 loopback up
ppp0 (ppp0) 217.201.28.62/24 point2point up
WARNING: Unable to find appropriate interface for system route to
217.200.178.19
WARNING: Unable to find appropriate interface for system route to
217.200.178.19
WARNING: Unable to find appropriate interface for system route to
217.200.178.19
**************************ROUTES**************************
DST/MASK DEV GATEWAY
127.0.0.1/32 lo0 127.0.0.1
217.200.178.19/32 ppp0 217.201.28.62
127.0.0.0/8 lo0 127.0.0.1
ask me for more info.
thks
bye
On 18/apr/06, at 14:13, kx wrote:
Bottom line, something in nmap or dnet is having difficulty getting
system routes, and it appears to be most common on *BSD kernels on
non-ethernet adapters.
Gianluigi, can you please send the output of "nmap --iflist" from
nmap 4.01?
Can you also please send the output of your "ifconfig -a" on OS X?
And last but not least, would you be willing to try working your way
up from nmap 3.81 to 4.01 and let us know what is the first version of
nmap that breaks? I know that is asking a lot, but it would be the
most valuable. Old distributions can be found here:
http://www.insecure.org/nmap/dist/
Thanks again,
kx
On 4/17/06, gianluigi angotti <clozapina () gmail com> wrote:
Hi,
this is only a note; i know that this problem is known.
I try to use nmap on a ppp via gprs connection and the result is
WARNING: Unable to find appropriate interface for system route to ...
At this moment i don't have experience on a different connection.
I compile nmap 4.01 on Mac OSX 10.4.6.
libdnet is 1.10
I use without problem 3.81.
bye
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
 By Date 
By Thread
Current thread:
|
Intro
