Re: [PATCH]: Ignore VMWare Fusion interfaces on MACOSX

[Fyodor <fyodor () insecure org>]

On Fri, Aug 24, 2007 at 10:34:32PM -0500, Kurt Grutzmacher wrote:
> So the problem with those using Intel Macs, VMWare Fusion and Nmap isn't
> really solvable by us because the problem is with the "interfaces"
> created by Fusion. They don't permit BPF access for some really weird
> reason. This patch skips over any interface that has "vmnet" in it so
> the getinterfaces() function won't error out because of the failed
> ioctl() call from libdnet (line 60, eth_open() in eth-bsd.c)

Hi Kurt.  Thanks for your research, and the patch!  But maybe we
should take a more generic approach.  How about if we skip the device
(same behavior as your patch), but further down in the function such
that it only happens when the eth_open_cached() fails.  The error
message should be kept (possibly reworded), but changed into a
warning.  The advantages I see to this are:

o It is a more general solution based on behavior rather than hard
  coding Mac OS X and vmware fusion device names.

o If VMWare fixes the issue, we'll automatically be able to detect
  that and Nmap will work on those systems without us having to change
  the code again.

Do you think you could make a patch like this?  It should be pretty
straightforward, but I'd rather not try since I don't have a MAC or
VMWare fusion to test it on.  Nmap seems to work fine with VMWare
running on Linux.

Thanks,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org