Re: lingering problem: route_dst_netlink: can't find interface

[David Fifield <david () bamsoftware com>]

On Wed, Aug 22, 2012 at 08:20:10PM -0400, starlight.2012q3 () binnacle cx wrote:
> Perhaps I should mention a particular
> interest in the new/revised routing
> table support.
>
> Have a system where 'iproute2' is used
> to create an alternate routing table
> for the source address of one interface
> on a Linux router.  For the one interface
> the default route points in a different
> direction then the normal default route.
>
> Would like for 'nmap' to be able to
> correctly use the alternate routing
> table when the -S <src addr> option
> is applied.  Reason is that this interface
> connects directly to the Internet
> where other interfaces route through
> a Cisco firewall.
>
>    ping -i <src_addr> <dst_addr>
>
> and
>
>    traceroute -s <src_addr> <dst_addr>
>
> both work correctly here, but 'nmap'
> 5.51.6 does not see the alternate
> routing table and fails.
>
> Seems like the new 'nmap' routing
> logic would be intended to handle
> IPv6 and esoteric 'iproute2' setups.
> But rather than assume this it seems
> better to mention it before the logic
> is modified, in case this scenario has
> not been considered.  No easy way to
> tell since the 'route_dst_netlink'
> problem prevents getting that far.

I think that what you are asking for is already mostly present.
route_dst_netlink, a function used only on Linux, uses the same Netlink
interface used by the iproute2 tools. Part of the reason for switching
to Netlink was for better IPv6 support.

It is possible that an unrelated other bug is preventing it from working
the way you expect, but I think that we already do basically what you
are suggesting, if I understand you correctly.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/