From: Dave Edwards
To: freebsd-net@freebsd.org
Date: Thu, 27 Nov 2008 22:28:10 +1030
Subject: nmap on FreeBSD 7.0-RELEASE

Hi,

I'm having some problems with nmap over the tun device. I connect to the net using ppp and pppoe (adsl) which creates the "tun0" device. My default route goes out that way.

Using nmap to try to map an external host:

-------------------------
# nmap -vvv -e tun0 -sS -p80,443 1.2.3.4

Starting Nmap 4.76 ( http://nmap.org ) at 2008-11-27 22:05 CST
WARNING: Unable to find appropriate interface for system route to 1.2.3.4
nexthost: failed to determine route to 1.2.3.4
QUITTING!
--------------------------

This only seems to occur when running nmap as root. As a normal user (using the "connect" scan option) it seems to work ok, but you can only run a SYN scan (or force a specific source port) as root. I think this means that the problem may be related to using a raw socket.

I have the same problem with nmapping over a VPN tunnel as well (another tun device) so I don't think it's the configuration of the ppp session.

As root, nmap finds the following interface list (note the missing default route)

--------------------------
$ nmap --iflist

Starting Nmap 4.76 ( http://nmap.org ) at 2008-11-27 22:00 CST
************************INTERFACES************************
DEV  (SHORT) IP/MASK     TYPE        UP MAC
rl0  (rl0)   x.x.x.x     ethernet    up 00:00:E8:7A:EE:1C
re0  (re0)   x.x.x.x     ethernet    up 00:E0:4C:50:19:8F
lo0  (lo0)   127.0.0.1/8 loopback    up
tun0 (tun0)  x.x.x.x/32  point2point up

WARNING: Unable to find appropriate interface for system route to 203.16.215.186
**************************ROUTES**************************
DST/MASK          DEV  GATEWAY
127.0.0.1/32      lo0  127.0.0.1
203.16.215.186/32 tun0 x.x.x.x
--------------------------

I've tried creating a host route for the nmap target instead of relying on the default route and I've tried three other versions of nmap.

As an aside (or maybe a hint) when compiling nmap from source, there are a number of warnings like:

------------------------
checking net/route.h presence... yes
configure: WARNING: net/route.h: present but cannot be compiled
configure: WARNING: net/route.h:     check for missing prerequisite headers?
configure: WARNING: net/route.h: see the Autoconf documentation
configure: WARNING: net/route.h:     section "Present But Cannot Be Compiled"
configure: WARNING: net/route.h: proceeding with the preprocessor's result
configure: WARNING: net/route.h: in the future, the compiler will take precedence
checking for net/route.h... yes
-------------------------

Google has let me down this time. There are a few comments about nmap and FreeBSD but nothing that seems helpful and they are mostly fairly old.

Anyone got a clue for me?

davo