Ping every IP on subnet?



  • In PF 123 is it possible to ping the whole subnet as in every IP once just to see what with static IP's show UP?


  • Rebel Alliance Developer Netgate

    You can install the nmap package and use nmap to run a ping sweep of the subnet to see what reponds.

    You might also be able to ping the broadcast IP of the subnet.

    However in either case, you aren't guaranteed a response from every IP, some things might block or drop pings.



  • @jimp:

    However in either case, you aren't guaranteed a response from every IP, some things might block or drop pings.

    Fortunately nmap, when run as the superuser, uses arp requests by default for ping scans on local subnets, so a command like this:

    
    nmap -T5 -sP 192.168.1.0/24
    
    

    Will uncover connected LAN hosts, even if they aren't responding to ICMP echo requests.


  • Rebel Alliance Developer Netgate

    Actually you'd want to do something more like:

    nmap -sP -PR -n -e em0 192.168.1.0/24
    

    (Replace em0 with the interface with that subnet)

    Otherwise it might latch onto the wrong interface and fail to do what you want.



  • @jimp:

    Otherwise it might latch onto the wrong interface and fail to do what you want.

    Huh? I'll take your word for it, but I thought it just used the system routing table to choose the interface. Granted, I mostly use it in Linux, so maybe it works differently in pfsense. Sorry for the OT.


  • Rebel Alliance Developer Netgate

    It's not OT actually it's perfectly on topic in this thread :-)

    The nmap package is handy for these kinds of tasks. I had to run a report for someone earlier today and discovered that quirk.

    For whatever bizarre reason nmap (on two separate pfSense boxes) decided it wanted to source traffic weirdly, even when there was a locally connected interface, so the arp failed to respond as expected. Without passing "-e foo0" it would not get valid results no matter how I tried to scan. I pass it "-e foo0" and bam, perfect.


Log in to reply