interface selection
Closed this issue · 4 comments
Hello!
I have 2 Debian Sid systems. One has several interfaces, not all have addresses attached (bridge, VLAN-Trunk etc.). One of them has IPv4/IPv6 and works fine.
m@ryz:~$ LANG=C testssl -6 [2a00:1450:4001:828::2003]
#####################################################################
testssl version 3.2rc4 from https://testssl.sh/dev/
This program is free software. Distribution and modification under
GPLv2 permitted. USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
Please file bugs @ https://testssl.sh/bugs/
#####################################################################
Using OpenSSL 3.5.0 8 Apr 2025 [~103 ciphers]
on ryz:/usr/bin/openssl
Start 2025-04-13 11:48:04 -->> [2a00:1450:4001:828::2003]:443 (2a00:1450:4001:828::2003) <<--
rDNS (2a00:1450:4001:828::2003): fra24s05-in-x03.1e100.net./usr/bin/testssl: line 11830: 2a00:1450:4001:828::2003: Address family for hostname not supported
/usr/bin/testssl: line 11830: /dev/tcp/2a00:1450:4001:828::2003/443: Invalid argument
Oops: TCP connect problem
Unable to open a socket to [2a00:1450:4001:828::2003]:443.
Fatal error: Can't connect to "[2a00:1450:4001:828::2003]:443"
Make sure a firewall is not between you and your scanning target!
m@ryz:~$
m@ryz:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:xxxxxx brd ff:ff:ff:ff:ff:ff
altname enxxxxxx
3: vlan2@enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 08:xxxxxxx brd ff:ff:ff:ff:ff:ff
inet 82.xxxxxx/32 scope global noprefixroute vlan2
valid_lft forever preferred_lft forever
inet6 2a01:170:xxxxx/64 scope global temporary dynamic
valid_lft 592010sec preferred_lft 73084sec
inet6 2a01:170:xxxxx/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 2591821sec preferred_lft 604621sec
inet6 fe80::xxxxx/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4: vlan5@enp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 08xxxxx brd ff:ff:ff:ff:ff:ff
5: bridge0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 6a:xxxxxx brd ff:ff:ff:ff:ff:ff
6: vboxnet0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 0a:xxxxx brd ff:ff:ff:ff:ff:ff
altname enxxxxx
7: vboxnet1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 0a:xxxx brd ff:ff:ff:ff:ff:ff
altname enxxxxx
m@ryz:~$
Is that a problem with interface selection?
It works fine in a Debian sidvirtual machine with only a single interface
Hi,
I can't tell what's wrong as this works for me (tm) :-)
From what you said I'd rather guess it's a problem with the networking like default route or netmask. Check if wget or curl works. There seem to be a even problem with rDNS / PTR records to begin with.
Also, as other applications, testssl.sh doesn't do any interface selection, that's another layer we don't touch and care .
Closing this, if you still believe it's "our" problem I am happy to reopen
Debian sid === Debian trixie?
@.***:~$ echo bla > /dev/tcp/2a00:1450:4001:808::2003/80
That works for me on trixie with bash version 5.2.37(1) .
Pls have a look at line 11830 what that is. Also maybe you're using the Debian version from testssl?