Nmap Development mailing list archives
Bug on FreeBSD for IPv6
From: <Martin.Gysi () swisscom com>
Date: Mon, 25 Jan 2016 10:20:12 +0000
Hi all I noticed that I cannot scan IPv6 hosts from FreeBSD if they are within the same /32. The scanning host is on network 2001:918:ffff:0::/64, it wrongly assumes that 2001:918:ffff:391a::/64 is also locally connected. nmap -iflist shows a route (2001:918:ffff::/32 bge0 0) that is not actually there on FreeBSD (as shown by netstat -rn). I need to explicitely disable arp-ping for the scan to proceed. root@freeBSD # nmap -6 -vvv 2001:918:ffff:391a::1 -Pn Starting Nmap 7.01 ( https://nmap.org ) at 2016-01-25 13:56 CET Initiating ND Ping Scan at 13:56 Scanning 2001:918:ffff:391a::1 [1 port] Completed ND Ping Scan at 13:56, 0.42s elapsed (1 total hosts) Nmap scan report for 2001:918:ffff:391a::1 [host down, received no-response] Read data files from: /usr/local/share/nmap Nmap done: 1 IP address (0 hosts up) scanned in 0.46 seconds Raw packets sent: 2 (144B) | Rcvd: 0 (0B) root@freeBSD # root@freeBSD #tcpdump -n ip6 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on bge0, link-type EN10MB (Ethernet), capture size 65535 bytes 13:56:04.158306 IP6 2001:918:ffff:0:218:8bff:fef7:afe5 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2001:918:ffff:391a::1, length 32 13:56:04.363360 IP6 2001:918:ffff:0:218:8bff:fef7:afe5 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2001:918:ffff:391a::1, length 32 root@freeBSD # nmap --iflist Starting Nmap 7.01 ( https://nmap.org ) at 2016-01-25 14:01 CET ************************INTERFACES************************ DEV (SHORT) IP/MASK TYPE UP MTU MAC em0 (em0) (none)/0 ethernet down 1500 00:25:17:0D:CD:46 bge0 (bge0) 195.186.192.220/29 ethernet up 1500 00:28:8B:F7:AF:E5 bge0 (bge0) fe80:2::afe5/64 ethernet up 1500 00:28:8B:F7:AF:E5 bge0 (bge0) 2001:918:ffff:0::afe5/64 ethernet up 1500 00:28:8B:F7:AF:E5 bge1 (bge1) (none)/0 ethernet down 1500 00:28:8B:F7:AF:E6 lo0 (lo0) 127.0.0.1/8 loopback up 16384 lo0 (lo0) ::1/128 loopback up 16384 lo0 (lo0) fe80:4::1/64 loopback up 16384 **************************ROUTES************************** DST/MASK DEV METRIC GATEWAY 127.0.0.1/32 lo0 0 195.186.192.220/32 lo0 0 195.186.192.216/29 bge0 0 0.0.0.0/0 bge0 0 195.186.192.217 2001:918:ffff:0:218:8bff:fef7:afe5/128 lo0 0 fe80::218:8bff:fef7:afe5/128 lo0 0 ::1/128 lo0 0 fe80::1/128 lo0 0 fe80::/32 lo0 0 ::1 ::/32 lo0 0 ::1 ::ffff:0.0.0.0/32 lo0 0 ::1 fe80::/32 bge0 0 fe80::/32 lo0 0 2001:918:ffff::/32 bge0 0 ff01::/32 bge0 0 fe80::218:8bff:fef7:afe5 ff01::/32 lo0 0 ::1 ff02::/32 lo0 0 ::1 ff02::/32 bge0 0 fe80::218:8bff:fef7:afe5 ff02::/32 lo0 0 ::1 ::/0 bge0 0 fe80::20f:35ff:fe62:3819 root@freeBSD # netstat -6rn Routing tables Internet6: Destination Gateway Flags Netif Expire ::/96 ::1 UGRS lo0 default fe80::20f:35ff:fe62:3819%bge0 UG bge0 ::1 link#4 UH lo0 ::ffff:0.0.0.0/96 ::1 UGRS lo0 2001:918:ffff::/64 link#2 U bge0 2001:918:ffff:0:218:8bff:fef7:afe5 link#2 UHS lo0 fe80::/10 ::1 UGRS lo0 fe80::%bge0/64 link#2 U bge0 fe80::218:8bff:fef7:afe5%bge0 link#2 UHS lo0 fe80::%lo0/64 link#4 U lo0 fe80::1%lo0 link#4 UHS lo0 ff01::%bge0/32 fe80::218:8bff:fef7:afe5%bge0 U bge0 ff01::%lo0/32 ::1 U lo0 ff02::/16 ::1 UGRS lo0 ff02::%bge0/32 fe80::218:8bff:fef7:afe5%bge0 U bge0 ff02::%lo0/32 ::1 U lo0
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Bug on FreeBSD for IPv6 Martin.Gysi (Jan 25)
- Re: Bug on FreeBSD for IPv6 Daniel Miller (Jan 25)
- Re: Bug on FreeBSD for IPv6 Daniel Miller (Feb 10)
- Re: Bug on FreeBSD for IPv6 Daniel Miller (Jan 25)