Nmap Development mailing list archives
Re: OS X 10.6 diagnosis: pcap timeout and bpf device access
From: Walt Scrivens <walts () gate net>
Date: Tue, 10 Nov 2009 10:32:29 -0500
David, As I said in my earlier e-mail, I compiled for 32 bit configuration and nmap seemed to work OK. I just installed Apple's latest update, 10.6.2, and re-complied without the 32-bit switches; nmap now seems to work properly! Walt ===================== TestComputer:nmap walts$ ./configure checking build system type... i386-apple-darwin10.2.0 checking host system type... i386-apple-darwin10.2.0 checking for gcc... gcc . . . Configuration complete. Type make (or gmake on some *BSD machines) to compile. TestComputer:nmap walts$ make Compiling liblua make[1]: `liblua.a' is up to date. Compiling libdnet Making all in include make all-recursive Making all in dnet make[4]: Nothing to be done for `all'. Making all in src make[2]: Nothing to be done for `all'. make[2]: Nothing to be done for `all-am'. Compiling libnbase cd nbase && make make[1]: Nothing to be done for `all'. Compiling libnsock cd nsock/src && make cd ../../nbase && make make[2]: Nothing to be done for `all'. cd ncat && make Compiling libnsock cd ../nsock/src && make cd ../../nbase && make make[3]: Nothing to be done for `all'. make nmap build-zenmap build-ndiff make[1]: `nmap' is up to date. cd zenmap && /usr/bin/python setup.py build running build running build_py running build_scripts cd ndiff && /usr/bin/python setup.py build running build running build_scripts TestComputer:nmap walts$ sudo nmap -sP -d9 scanme.nmap.org Password: Starting Nmap 5.00 ( http://nmap.org ) at 2009-11-10 10:26 EST The max # of sockets we are using is: 0 --------------- Timing report --------------- hostgroups: min 1, max 100000 rtt-timeouts: init 1000, min 100, max 10000 max-scan-delay: TCP 1000, UDP 1000, SCTP 1000 parallelism: min 0, max 0 max-retries: 10, host-timeout: 0 min-rate: 0, max-rate: 0 --------------------------------------------- Warning: File ./nse_main.lua exists, but Nmap is using /usr/local/share/nmap/nse_main.lua for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too). Fetchfile found /usr/local/share/nmap/nse_main.lua Fetchfile found /usr/local/share/nmap/nselib/ Fetchfile found /usr/local/share/nmap/scripts/script.db NSE: Loaded 0 scripts for scanning. Warning: Unable to open interface vmnet1 -- skipping it. Warning: Unable to open interface vmnet8 -- skipping it. Initiating Ping Scan at 10:26 Scanning 64.13.134.52 [4 ports] Pcap filter: dst host 192.168.1.144 and (icmp or ((tcp or udp or sctp) and (src host 64.13.134.52))) Packet capture filter (device en1): dst host 192.168.1.144 and (icmp or ((tcp or udp or sctp) and (src host 64.13.134.52))) SENT (0.5780s) ICMP 192.168.1.144 > 64.13.134.52 echo request (type=8/code=0) ttl=50 id=36516 iplen=7168 SENT (0.5780s) TCP 192.168.1.144:33028 > 64.13.134.52:443 S ttl=53 id=53135 iplen=11264 seq=2901364014 win=2048 <mss 1460> SENT (0.5780s) TCP 192.168.1.144:33028 > 64.13.134.52:80 A ttl=49 id=50743 iplen=10240 seq=2901364014 win=2048 ack=3621513297 SENT (0.5780s) ICMP 192.168.1.144 > 64.13.134.52 Timestamp request (type=13/code=0) ttl=59 id=31798 iplen=10240 **TIMING STATS** (0.5780s): IP, probes active/freshportsleft/retry_stack/outstanding/retranwait/onbench, cwnd/ssthresh/delay, timeout/srtt/rttvar/ Groupstats (1/1 incomplete): 4/*/*/*/*/* 10.00/75/* 1000000/-1/-1 64.13.134.52: 4/0/0/4/0/0 10.00/75/0 1000000/-1/-1 Current sending rates: 1725.63 packets / s, 65573.77 bytes / s. Overall sending rates: 1725.63 packets / s, 65573.77 bytes / s. RCVD (0.5900s) ICMP 172.16.0.254 > 192.168.1.144 network 64.13.134.52 unreachable (type=3/code=0) ttl=254 id=50922 iplen=56 Found 64.13.134.52 in incomplete hosts list. Got destination unreachable for 64.13.134.52 ultrascan_host_probe_update called for machine 64.13.134.52 state UNKNOWN -> HOST_DOWN (trynum 0 time: 20468) Timeout vals: srtt: -1 rttvar: -1 to: 1000000 delta 11413 ==> srtt: 11413 rttvar: 11413 to: 100000 Timeout vals: srtt: -1 rttvar: -1 to: 1000000 delta 11413 ==> srtt: 11413 rttvar: 11413 to: 100000 **TIMING STATS** (0.5990s): IP, probes active/freshportsleft/retry_stack/outstanding/retranwait/onbench, cwnd/ssthresh/delay, timeout/srtt/rttvar/ Groupstats (1/1 incomplete): 3/*/*/*/*/* 11.00/75/* 100000/11413/11413 64.13.134.52: 3/0/0/3/0/0 11.00/75/0 100000/11413/11413 Current sending rates: 175.25 packets / s, 6659.66 bytes / s. Overall sending rates: 175.25 packets / s, 6659.66 bytes / s. **TIMING STATS** (0.6800s): IP, probes active/freshportsleft/retry_stack/outstanding/retranwait/onbench, cwnd/ssthresh/delay, timeout/srtt/rttvar/ Groupstats (1/1 incomplete): 0/*/*/*/*/* 11.00/75/* 100000/11413/11413 64.13.134.52: 0/0/0/3/3/0 11.00/75/0 100000/11413/11413 Current sending rates: 38.50 packets / s, 1463.07 bytes / s. Overall sending rates: 38.50 packets / s, 1463.07 bytes / s. RCVD (0.7260s) ICMP 64.13.134.52 > 192.168.1.144 echo reply (type=0/code=0) ttl=54 id=16587 iplen=28 Found 64.13.134.52 in incomplete hosts list. We got a ping packet back from 64.13.134.52: id = 54203 seq = 0 checksum = 11332 ultrascan_host_probe_update called for machine 64.13.134.52 state HOST_DOWN -> HOST_UP (trynum 0 time: 152279) Timeout vals: srtt: 11413 rttvar: 11413 to: 100000 delta 136849 ==> srtt: 28519 rttvar: 42772 to: 199607 Timeout vals: srtt: 11413 rttvar: 11413 to: 100000 delta 136849 ==> srtt: 28519 rttvar: 42772 to: 199607 Changing ping technique for 64.13.134.52 to icmp type 8 code 0 Moving 64.13.134.52 to completed hosts list with 0 outstanding probes. Changing global ping host to 64.13.134.52. Completed Ping Scan at 10:26, 0.15s elapsed (1 total hosts) Overall sending rates: 25.89 packets / s, 984.00 bytes / s. pcap stats: 952 packets received by filter, 0 dropped by kernel. mass_rdns: Using DNS server 192.168.1.1 NSOCK (0.7900s) UDP connection requested to 192.168.1.1:53 (IOD #1) EID 8 NSOCK (0.7900s) Read request from IOD #1 [192.168.1.1:53] (timeout: -1ms) EID 18 Initiating Parallel DNS resolution of 1 host. at 10:26 mass_rdns: TRANSMITTING for <64.13.134.52> (server <192.168.1.1>) NSOCK (0.7900s) Write request for 43 bytes to IOD #1 EID 27 [192.168.1.1:53]: .>...........52.134.13.64.in-addr.arpa..... NSOCK (0.7900s) nsock_loop() started (timeout=500ms). 3 events pending NSOCK (0.7900s) Callback: CONNECT SUCCESS for EID 8 [192.168.1.1:53] NSOCK (0.7900s) Callback: WRITE SUCCESS for EID 27 [192.168.1.1:53] NSOCK (0.9740s) Callback: READ SUCCESS for EID 18 [192.168.1.1:53] (168 bytes) NSOCK (0.9740s) Read request from IOD #1 [192.168.1.1:53] (timeout: -1ms) EID 34 CAPACITY <192.168.1.1> = 12 mass_rdns: OK MATCHED <64.13.134.52> to <scanme.nmap.org> mass_rdns: 0.24s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1] Completed Parallel DNS resolution of 1 host. at 10:26, 0.18s elapsed DNS resolution of 1 IPs took 0.24s. Mode: Async [#: 1, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 0] Host scanme.nmap.org (64.13.134.52) is up, received echo-reply (0.029s latency). No data files read. Nmap done: 1 IP address (1 host up) scanned in 0.97 seconds Raw packets sent: 4 (152B) | Rcvd: 2 (84B) TestComputer:nmap walts$ On Nov 9, 2009, at 12:54 AM, David Fifield wrote:
I committed the O_RDWR change. With that, a temporary workaround for this problem is to compile in 32-bit mode by configuring like this: ./configure CFLAGS="-m32" CXXFLAGS="-m32" LDFLAGS="-m32" I'm going to try reinstalling MacPorts under 10.6 and see if I can make a release like that. If not, I'll revert back to my 10.5 installation for the next release. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: OS X 10.6 Problems with privileged scans, (continued)
- Re: OS X 10.6 Problems with privileged scans Walt Scrivens (Oct 23)
- Re: OS X 10.6 Problems with privileged scans Tom Sellers (Oct 23)
- Re: OS X 10.6 Problems with privileged scans Walt Scrivens (Oct 23)
- OS X 10.6 diagnosis: pcap timeout and bpf device access David Fifield (Nov 07)
- Re: OS X 10.6 diagnosis: pcap timeout and bpf device access Walt Scrivens (Nov 07)
- Re: OS X 10.6 diagnosis: pcap timeout and bpf device access David Fifield (Nov 07)
- Re: OS X 10.6 diagnosis: pcap timeout and bpf device access David Fifield (Nov 08)
- Re: OS X 10.6 diagnosis: pcap timeout and bpf device access Walt Scrivens (Nov 09)
- Re: OS X 10.6 diagnosis: pcap timeout and bpf device access Walt Scrivens (Nov 10)
- Re: OS X 10.6 diagnosis: pcap timeout and bpf device access David Fifield (Nov 10)
- Re: OS X 10.6 diagnosis: pcap timeout and bpf device access David Fifield (Nov 10)