From ae2f887af10df38ffe42dd2fc959dae0e3cc104a Mon Sep 17 00:00:00 2001 From: david Date: Thu, 24 May 2012 02:56:08 +0000 Subject: [PATCH] Ignore IPMP interfaces in SIOCGLIFCONF intf_loop. This is a (hopefully temporary) workaround for these virtual interfaces on Solaris. They don't work for Nmap because they don't allow packet sniffing, but you can use one of the physical interfaces they're composed of. --- libdnet-stripped/NMAP_MODIFICATIONS | 30 +++++++++++++++++++++++++++++ libdnet-stripped/src/intf.c | 16 +++++++++++++++ 2 files changed, 46 insertions(+) diff --git a/libdnet-stripped/NMAP_MODIFICATIONS b/libdnet-stripped/NMAP_MODIFICATIONS index 7dc896b51..902f66b8e 100644 --- a/libdnet-stripped/NMAP_MODIFICATIONS +++ b/libdnet-stripped/NMAP_MODIFICATIONS @@ -1030,3 +1030,33 @@ Index: src/eth-bsd.c if (e->fd != -1 || errno != EBUSY) break; } + +o Ignored Solaris IPMP interfaces. + +diff --git src/intf.c src/intf.c +index 9f4ba19..25ae999 100644 +--- src/intf.c ++++ src/intf.c +@@ -941,6 +941,22 @@ intf_loop(intf_t *intf, intf_handler callback, void *arg) + + /* Repair the alias name back up */ + if (p) *p = ':'; ++ ++ /* Ignore IPMP interfaces. These are virtual interfaces made up ++ * of physical interfaces. IPMP interfaces do not support things ++ * like packet sniffing; it is necessary to use one of the ++ * underlying physical interfaces instead. This works as long as ++ * the physical interface's test address is on the same subnet ++ * as the IPMP interface's address. */ ++ if (ioctl(intf->fd, SIOCGLIFFLAGS, lifr) >= 0) ++ ; ++ else if (intf->fd6 != -1 && ioctl(intf->fd6, SIOCGLIFFLAGS, lifr) >= 0) ++ ; ++ else ++ return (-1); ++ if (lifr->lifr_flags & IFF_IPMP) { ++ continue; ++ } + + if (_intf_get_noalias(intf, entry) < 0) + return (-1); diff --git a/libdnet-stripped/src/intf.c b/libdnet-stripped/src/intf.c index 9f4ba195b..25ae9996d 100644 --- a/libdnet-stripped/src/intf.c +++ b/libdnet-stripped/src/intf.c @@ -941,6 +941,22 @@ intf_loop(intf_t *intf, intf_handler callback, void *arg) /* Repair the alias name back up */ if (p) *p = ':'; + + /* Ignore IPMP interfaces. These are virtual interfaces made up + * of physical interfaces. IPMP interfaces do not support things + * like packet sniffing; it is necessary to use one of the + * underlying physical interfaces instead. This works as long as + * the physical interface's test address is on the same subnet + * as the IPMP interface's address. */ + if (ioctl(intf->fd, SIOCGLIFFLAGS, lifr) >= 0) + ; + else if (intf->fd6 != -1 && ioctl(intf->fd6, SIOCGLIFFLAGS, lifr) >= 0) + ; + else + return (-1); + if (lifr->lifr_flags & IFF_IPMP) { + continue; + } if (_intf_get_noalias(intf, entry) < 0) return (-1);