Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [p3scan] Target ip error!

    Scheduled Pinned Locked Moved pfSense Packages
    7 Posts 4 Posters 4.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      firewall
      last edited by

      Hi, I write from Italy…
      I installed on my pfsense, P3Scan 2.3.2
      It works properly only if specific manually and statically:
      targetip = IP address MY PROVIDER
      targetport = 110
      Although I created the rule firewall PF:
      rdr on rl0 proto tcp from rl0:network to any port 110 -> 127.0.0.1
      OR
      rdr pass on rl0 proto tcp from rl0:network to any port 110 -> 127.0.0.1
      port 8110

      does not work …

      Output p3scan in debug mode:

      Server p3scan[513]: Connection from 10.0.0.2:60938
      Server p3scan[513]: Real-server adress is 0.0.0.0

      Server p3scan[513]: Cannot connect to real-server

      –-----

      or, on another machine


      Server p3scan[513]: Connection from 10.0.0.2:60938
      Server p3scan[513]: Real-server adress is 10.0.0.1

      Server p3scan[513]: Oops, that would loop! … -------
      Can you help?
      THANKS

      1 Reply Last reply Reply Quote 0
      • F
        firewall
        last edited by

        ??????

        1 Reply Last reply Reply Quote 0
        • dotdashD
          dotdash
          last edited by

          AFAIK, the p3scan package has been abandoned. I actually don't know how you installed it, as it does not show up as an available package that I have seen…

          1 Reply Last reply Reply Quote 0
          • R
            ron
            last edited by

            firewall,

            It will be a few days possibly, but I'll put together a new update to the p3scan package shortly that fixes your issue.  I got approval from the original pfSense package maintainer to take over the maintainership, and I've been working on an update to the package.  The issue you are seeing is that the original p3scan-pf port does not correctly account for the packet redirect when using the PF redirection (i.e. the code doesn't look up the original sender IP address correctly in the TCP packet when using it in transparent mode, and it then sees itself as the original packer sender which loops).  The issue has nothing to do with the pfSense package, and is a bug in the base p3scan port to FreeBSD.  I have fixed it and have it working on one of my systems now.  I just need some time to get the patches together.

            I also have an update to the ClamAV pfSense package coming too that goes with this for AV scanning.  I'll have to get someone in the coreteam to post the updates when they are ready.

            Regards,
            Ron

            1 Reply Last reply Reply Quote 0
            • F
              firewall
              last edited by

              Thanks ..

              but you can I expect to have resolved this way:?

              
              rdr on rl3 proto tcp from any to any port 110 -> 127.0.0.1 port 8110
              nat on rl3 from 192.168.9.0/24 to 127.0.0.1 port = 8110 -> 127.0.0.1
              
              
              1 Reply Last reply Reply Quote 0
              • N
                NicolaPaone
                last edited by

                @ron:

                firewall,

                It will be a few days possibly, but I'll put together a new update to the p3scan package shortly that fixes your issue.  I got approval from the original pfSense package maintainer to take over the maintainership, and I've been working on an update to the package.  The issue you are seeing is that the original p3scan-pf port does not correctly account for the packet redirect when using the PF redirection (i.e. the code doesn't look up the original sender IP address correctly in the TCP packet when using it in transparent mode, and it then sees itself as the original packer sender which loops).  The issue has nothing to do with the pfSense package, and is a bug in the base p3scan port to FreeBSD.  I have fixed it and have it working on one of my systems now.  I just need some time to get the patches together.

                I also have an update to the ClamAV pfSense package coming too that goes with this for AV scanning.  I'll have to get someone in the coreteam to post the updates when they are ready.

                Regards,
                Ron

                Hello everyone,
                I too found the bugs in question … I even tried to compile the package p3scan, but nothing ...

                Under linux (debian), no problem ... everything works the first blow.
                I believe both bugs p3scan for BSD.

                If I may give you a hand, I'm happy to collaborate with you.

                Let me know ....

                1 Reply Last reply Reply Quote 0
                • N
                  NicolaPaone
                  last edited by

                  @NicolaPaone:

                  @ron:

                  firewall,

                  It will be a few days possibly, but I'll put together a new update to the p3scan package shortly that fixes your issue.  I got approval from the original pfSense package maintainer to take over the maintainership, and I've been working on an update to the package.  The issue you are seeing is that the original p3scan-pf port does not correctly account for the packet redirect when using the PF redirection (i.e. the code doesn't look up the original sender IP address correctly in the TCP packet when using it in transparent mode, and it then sees itself as the original packer sender which loops).  The issue has nothing to do with the pfSense package, and is a bug in the base p3scan port to FreeBSD.  I have fixed it and have it working on one of my systems now.  I just need some time to get the patches together.

                  I also have an update to the ClamAV pfSense package coming too that goes with this for AV scanning.  I'll have to get someone in the coreteam to post the updates when they are ready.

                  Regards,
                  Ron

                  Hello everyone,
                  I too found the bugs in question … I even tried to compile the package p3scan, but nothing ...

                  Under linux (debian), no problem ... everything works the first blow.
                  I believe both bugs p3scan for BSD.

                  If I may give you a hand, I'm happy to collaborate with you.

                  Let me know ....

                  @Ron
                  news???

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.