More then 32 bfp devices on Freebsd 5.4-RELEASE-p7
Brooks Davis
brooks at one-eyed-alien.net
Mon Oct 17 15:14:46 PDT 2005
On Mon, Oct 17, 2005 at 02:11:17PM +0100, Peter Wood wrote:
> Good Afternoon,
>
> I'm now working at a large UK university in their network support
> department, as such one of my duties is to monitor the residences
> network. To this end I have a cloned nic for every vlan that we have on
> resnet. It roughly comes to over 50 vlans, and FreeBSD its self copes
> very nicely.
>
> However I've run into a small problem when using nmap (and a tiny one in
> Ethereal). Unless you specify the source address and source interface
> for scans nmap will open every network device with bpf. The problem
> comes when it hits the 33rd interface to open, nmap exits.
>
> [eclair:~]# nmap -P0 -p 1-65535 -sS 10.34.96.168
> Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2005-10-17 14:03 BST
> getinterfaces: Failed to open ethernet interface (resnet737)
> QUITTING!
>
> If I truss I get the following:
>
> open("/dev/bpf29",0x1,01002230274) ERR#16 'Device busy'
> open("/dev/bpf30",0x1,01002230274) ERR#16 'Device busy'
> open("/dev/bpf31",0x1,01002230274) ERR#16 'Device busy'
> write(2,0xbfbfab40,60) = 60 (0x3c)
> getinterfaces: Failed to open ethernet interface (resnet737)
>
> So the question is, how can I allow more then 32 bpf devices, in the old
> 4.X series I'd have just tagged a number on the end of the kernel line.
Hmm, I can create more than 32 devices here and the only place the code
returns EBUSY is where more than one process attempts to open the same
device so there's something unobvious going on in nmap. There should be
no real practical limit on bpf devices.
-- Brooks
More information about the freebsd-net
mailing list