Friday, August 24, 2007

VMWare Fusion Doesn't Play Nice With BPF

For a while now I've been avoiding a problem with NMap and OS/X w/ VMWare Fusion installed. It's been posted about a few times on the mailing list and I always say "just shut Fusion down for it to work." Yeah, it works but it's not a real solution.

So I spent a few minutes today to figure out just WHY this is happening. Turns out my original assumption of Fusion not building "valid" interfaces is partly correct. The "vmnet[x]" interfaces can not be opened with BPF! I wrote a quick program to check it out:
macpro:~ grutz$ sudo ./testbpf vmnet8
ERROR: Device not configured
ktrace validates:
2721 testbpf CALL ioctl(0x83,0x8020426c ,0xbffffb28)
2721 testbpf RET ioctl -1 errno 6 Device not configured
So VMWare isn't creating valid interfaces. No tcpdump for you (and no nmap)! The solutions so far have been to shutdown the interfaces but what if you need to keep Fusion up and running?

Here's a quick and dirty patch applied to tcpip.cc that will skip over the vmnet interfaces. Until Fusion fixes their set up this is the only way it'll work.
/* skip broken VMWare Fusion vmnet interfaces */
#ifdef MACOSX
if (strncmp(ifr->ifr_name, "vmnet", 5) == 0)
continue;
#endif
Sigh.

Wednesday, August 08, 2007

Chaos Camp 2007: The beginning!


Short and brief here. Surprisingly we all made it here in time to defend our freedoms and set up camp before another group could claim. Of course since we're the American Embassy here we would've taken the land anyways. We're Americans, whats yours will soon be ours!!

To be honest I'm really amazed at everything here. The people are awesome, the environment couldn't be better and the number of unique camps, activities and talks available simply can not be beat. If you're awake at 4am PST you can watch the talks live at http://events.ccc.de/camp/2007/Streams