Handle non-local source IPs better

Author: sfan5

src/main.c

@@ -396,34 +396,46 @@ int main(int argc, char *argv[])
 			}
 		}
 
-		rawsock_eth_settings(source_mac, router_mac);
-		rawsock_ip_settings(source_addr, ttl);
-
 		// Handle --source-port: auto-detection, reservation, errors
-		if (r == 0) {
-			const bool mandatory = banners && ip_type == IP_TYPE_TCP;
-			const bool useful = mandatory || (banners && ip_type == IP_TYPE_UDP);
+		const bool port_mandatory = banners && ip_type == IP_TYPE_TCP;
+		if (r == 0 && rawsock_islocal(source_addr) == 0) {
+			// We're using an unassigned IP, pick any random port. No need to
+			// reserve it or care about the OS.
+			if (port_mandatory && source_port == -1) {
+				source_port = 25000 + rand() % 40000;
+				log_raw("Using random source port: %d", source_port);
+			}
+		} else if (r == 0) {
+			const bool port_useful = banners && ip_type == IP_TYPE_UDP;
 			bool auto_failed = false;
 
-			if (mandatory || useful) {
+			if (port_mandatory || port_useful) {
 				int tmp = rawsock_reserve_port(source_addr, ip_type, source_port == -1 ? 0 : source_port);
 				if (tmp >= 0) {
-					log_debug("reserved source port: %d", tmp);
 					source_port = tmp;
+					if (port_mandatory)
+						log_raw("Using reserved source port: %d", source_port);
+					else
+						log_debug("Using reserved source port: %d", source_port);
 				} else {
 					auto_failed = tmp == -1;
 				}
 			}
 
 			assert(source_port != 0);
-			if (mandatory && source_port == -1) {
+			if (port_mandatory && source_port == -1) {
 				log_raw("A source port is required but was not given%s.",
 					auto_failed ? " (automatic reservation failed)" : "");
 				r = 1;
+			} else if (auto_failed) {
+				// assume the user knows what he's doing
+				log_debug("automatic port reservation failed");
 			}
 		}
 
 		if (r == 0) {
+			rawsock_eth_settings(source_mac, router_mac);
+			rawsock_ip_settings(source_addr, ttl);
 			scan_set_general(&ports, max_rate, show_closed, banners);
 			scan_set_network(source_addr, source_port, ip_type);
 			scan_set_output(outfile, outdef);

src/rawsock-routes.c

@@ -44,7 +44,7 @@ int rawsock_getdev(char **out_dev)
 		if(!(d->flags & PCAP_IF_UP))
 			continue;
 		for(pcap_addr_t *a = d->addresses; a; a = a->next) {
-			if(((struct sockaddr*)a->addr)->sa_family != AF_INET6)
+			if(a->addr->sa_family != AF_INET6)
 				continue;
 			struct sockaddr_in6 *inaddr = (struct sockaddr_in6*) a->addr;
 			// Exclude link-local fe80::
@@ -301,6 +301,36 @@ int rawsock_getsrcip(const struct sockaddr_in6 *dest, const char *interface, uin
 	return ret;
 }
 
+int rawsock_islocal(const uint8_t *ip)
+{
+	char errbuf[PCAP_ERRBUF_SIZE];
+	pcap_if_t *alldevs, *d;
+
+	if(pcap_findalldevs(&alldevs, errbuf) != 0) {
+		log_debug("pcap_findalldevs: %s", errbuf);
+		return -1;
+	}
+
+	int ret = 0;
+	for(d = alldevs; d; d = d->next) {
+		if(!(d->flags & PCAP_IF_UP))
+			continue;
+		for(pcap_addr_t *a = d->addresses; a; a = a->next) {
+			if(a->addr->sa_family != AF_INET6)
+				continue;
+			struct sockaddr_in6 *inaddr = (struct sockaddr_in6*) a->addr;
+			if(!memcmp(inaddr->sin6_addr.s6_addr, ip, 16)) {
+				ret = 1;
+				goto found;
+			}
+		}
+	}
+
+found:
+	pcap_freealldevs(alldevs);
+	return ret;
+}
+
 int rawsock_reserve_port(const uint8_t *addr, int type, int port)
 {
 #ifdef __linux__

src/rawsock.h

@@ -74,6 +74,8 @@ int rawsock_getmac(const char *dev, uint8_t *mac); // MAC of the adapter/intf
 int rawsock_getgw(const char *dev, uint8_t *mac); // MAC of the default router/gateway
 // advice: 0=quiet, 1=default route, 2=specific IP
 int rawsock_getsrcip(const struct sockaddr_in6 *dest, const char *interface, uint8_t *ip, int advice);
+/// @return 1 if IP is local to this host, 0 if not, -1 if error
+int rawsock_islocal(const uint8_t *ip);
 /**
  * Reserve a local port on the specified IP for the rest of the program lifetime.
  * The effect should be that the kernel ignores any packets to this tuple.