Nmap Development mailing list archives
Fix for route_dst_netlink: can't find interface
From: Joe McEachern <joe () qacafe com>
Date: Sun, 25 Sep 2011 12:20:58 -0400
Hi,
Running nmap-5.61TEST1 on Ubuntu 10.10
Linux cooley 2.6.35-22-generic #35-Ubuntu SMP Sat Oct 16 20:45:36 UTC 2010
x86_64 GNU/Linux
For some of the IPv6 scans, we always hit a route_dst_netlink: can't find
interface "cdr0" error. cdr0 is a dynamic TAP interface on our system.
We are doing scans like these ...
nmap -n -T4 -v -oN - -PN -sS -6 fe80::2e6b:f5ff:fe1a:9107%cdr0
nmap --iflist shows the interface, but its does not list its IPv6 address.
The address is reported correctly using ifconfig.
I traced the problem back to a libdnet issue in libdnet-stripped/src/intf.c.
When reading /proc/net/if_inet6 there is an assumption that the if_index is
only a 2 digit hex value. This is true most of the time, but if your system
creates/deletes lots of dynamic interfaces, eventually the if_index on an
interface will be greater than 255 and consume more digits in
/proc/net/if_inet6. The sscanf will fail and the IPv6 address will not be
read.
$ ifconfig -a
cdr0 Link encap:Ethernet HWaddr 00:0a:0a:00:00:01
inet6 addr: fe80::20a:aff:fe00:1/64 Scope:Link
inet6 addr: 4444::20a:aff:fe00:1/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
$ nmap --iflist
Starting Nmap 5.61TEST1 ( http://nmap.org ) at 2011-09-24 09:16 EDT
************************INTERFACES************************
DEV (SHORT) IP/MASK TYPE UP MTU MAC
lo (lo) 127.0.0.1/8 loopback up 16436
lo (lo) ::1/128 loopback up 16436
eth1 (eth1) (null)/0 ethernet up 1500
00:04:23:C5:C2:A0
eth0 (eth0) 172.16.1.198/24 ethernet up 1500
00:1C:C0:93:33:FB
eth0 (eth0) 4444::21c:c0ff:fe93:33fb/64 ethernet up 1500
00:1C:C0:93:33:FB
eth0 (eth0) fe80::21c:c0ff:fe93:33fb/64 ethernet up 1500
00:1C:C0:93:33:FB
eth2 (eth2) (null)/0 ethernet up 1500
00:04:23:C5:C2:A1
vboxnet0 (vboxnet0) (null)/0 ethernet down 1500
0A:00:27:00:00:00
cdr0 (cdr0) (null)/0 ethernet up 1500
00:0A:0A:00:00:01
Here is an example of our /proc/net/if_inet6
joe@cooley:~/nmap/nmap-5.61TEST1$ cat /proc/net/if_inet6
fe80000000000000020a0afffe000001 21d 40 20 80 cdr0
4444000000000000020a0afffe000001 21d 40 00 80 cdr0
00000000000000000000000000000001 01 80 10 80 lo
One fix is to relax the %02 to just %x during the sscanf. I've verified that
this resolves the issue for us and IPv6 scans now work for us.
Here is the change:
joe@cooley:~/nmap$ diff -Naur nmap-5.61TEST1/libdnet-stripped/src/intf.c
nmap-5.61TEST1.patch/libdnet-stripped/src/intf.c
--- nmap-5.61TEST1/libdnet-stripped/src/intf.c 2011-09-17 02:40:41.000000000
-0400
+++ nmap-5.61TEST1.patch/libdnet-stripped/src/intf.c 2011-09-25
08:37:32.000000000 -0400
@@ -560,7 +560,7 @@
if ((f = fopen(PROC_INET6_FILE, "r")) != NULL) {
while (ap < lap &&
fgets(buf, sizeof(buf), f) != NULL) {
- sscanf(buf, "%04s%04s%04s%04s%04s%04s%04s%04s %02x %02x %02x %02x %32s\n",
+ sscanf(buf, "%04s%04s%04s%04s%04s%04s%04s%04s %x %02x %02x %02x %32s\n",
s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7],
&idx, &bits, &scope, &flags, name);
if (strcmp(name, entry->intf_name) == 0) {
--joe
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Current thread:
- Fix for route_dst_netlink: can't find interface Joe McEachern (Sep 25)
- Re: Fix for route_dst_netlink: can't find interface David Fifield (Sep 25)