[p3scan] Target ip error!



  • Hi, I write from Italy…
    I installed on my pfsense, P3Scan 2.3.2
    It works properly only if specific manually and statically:
    targetip = IP address MY PROVIDER
    targetport = 110
    Although I created the rule firewall PF:
    rdr on rl0 proto tcp from rl0:network to any port 110 -> 127.0.0.1
    OR
    rdr pass on rl0 proto tcp from rl0:network to any port 110 -> 127.0.0.1
    port 8110

    does not work …

    Output p3scan in debug mode:

    Server p3scan[513]: Connection from 10.0.0.2:60938
    Server p3scan[513]: Real-server adress is 0.0.0.0

    Server p3scan[513]: Cannot connect to real-server

    –-----

    or, on another machine


    Server p3scan[513]: Connection from 10.0.0.2:60938
    Server p3scan[513]: Real-server adress is 10.0.0.1

    Server p3scan[513]: Oops, that would loop! … -------
    Can you help?
    THANKS



  • ??????



  • AFAIK, the p3scan package has been abandoned. I actually don't know how you installed it, as it does not show up as an available package that I have seen…



  • firewall,

    It will be a few days possibly, but I'll put together a new update to the p3scan package shortly that fixes your issue.  I got approval from the original pfSense package maintainer to take over the maintainership, and I've been working on an update to the package.  The issue you are seeing is that the original p3scan-pf port does not correctly account for the packet redirect when using the PF redirection (i.e. the code doesn't look up the original sender IP address correctly in the TCP packet when using it in transparent mode, and it then sees itself as the original packer sender which loops).  The issue has nothing to do with the pfSense package, and is a bug in the base p3scan port to FreeBSD.  I have fixed it and have it working on one of my systems now.  I just need some time to get the patches together.

    I also have an update to the ClamAV pfSense package coming too that goes with this for AV scanning.  I'll have to get someone in the coreteam to post the updates when they are ready.

    Regards,
    Ron



  • Thanks ..

    but you can I expect to have resolved this way:?

    
    rdr on rl3 proto tcp from any to any port 110 -> 127.0.0.1 port 8110
    nat on rl3 from 192.168.9.0/24 to 127.0.0.1 port = 8110 -> 127.0.0.1
    
    


  • @ron:

    firewall,

    It will be a few days possibly, but I'll put together a new update to the p3scan package shortly that fixes your issue.  I got approval from the original pfSense package maintainer to take over the maintainership, and I've been working on an update to the package.  The issue you are seeing is that the original p3scan-pf port does not correctly account for the packet redirect when using the PF redirection (i.e. the code doesn't look up the original sender IP address correctly in the TCP packet when using it in transparent mode, and it then sees itself as the original packer sender which loops).  The issue has nothing to do with the pfSense package, and is a bug in the base p3scan port to FreeBSD.  I have fixed it and have it working on one of my systems now.  I just need some time to get the patches together.

    I also have an update to the ClamAV pfSense package coming too that goes with this for AV scanning.  I'll have to get someone in the coreteam to post the updates when they are ready.

    Regards,
    Ron

    Hello everyone,
    I too found the bugs in question … I even tried to compile the package p3scan, but nothing ...

    Under linux (debian), no problem ... everything works the first blow.
    I believe both bugs p3scan for BSD.

    If I may give you a hand, I'm happy to collaborate with you.

    Let me know ....



  • @NicolaPaone:

    @ron:

    firewall,

    It will be a few days possibly, but I'll put together a new update to the p3scan package shortly that fixes your issue.  I got approval from the original pfSense package maintainer to take over the maintainership, and I've been working on an update to the package.  The issue you are seeing is that the original p3scan-pf port does not correctly account for the packet redirect when using the PF redirection (i.e. the code doesn't look up the original sender IP address correctly in the TCP packet when using it in transparent mode, and it then sees itself as the original packer sender which loops).  The issue has nothing to do with the pfSense package, and is a bug in the base p3scan port to FreeBSD.  I have fixed it and have it working on one of my systems now.  I just need some time to get the patches together.

    I also have an update to the ClamAV pfSense package coming too that goes with this for AV scanning.  I'll have to get someone in the coreteam to post the updates when they are ready.

    Regards,
    Ron

    Hello everyone,
    I too found the bugs in question … I even tried to compile the package p3scan, but nothing ...

    Under linux (debian), no problem ... everything works the first blow.
    I believe both bugs p3scan for BSD.

    If I may give you a hand, I'm happy to collaborate with you.

    Let me know ....

    @Ron
    news???


Log in to reply