Error receiving from ethtool socket

TheToddLuci0 commented 1 month ago

Installed via install.sh

I get the following, regardless of args

┌──(kali㉿kali)-[/tmp]
└─$ sudo sanicdns -i majestic_million.txt --resolvers 1.0.0.1,8.8.8.8 -o /tmp/sanic.txt -w 4 --postfix .example.com 
error: error:, channel_count error: Error receiving from ethtool socket

ethtool is installed

┌──(kali㉿kali)-[/tmp]
└─$ ethtool -h
ethtool version 6.10

Geertiebear commented 1 month ago

Hey!

Thanks for reaching out, the error seems to come from our code that does NIC channel detection. Could you post the output of sudo ethtool -l?

TheToddLuci0 commented 1 month ago

┌──(kali㉿kali)-[~]
└─$ sudo ethtool -l
ethtool: bad command line argument(s)
For more information run ethtool -h

┌──(kali㉿kali)-[~]
└─$ sudo ethtool --show-channels
ethtool: bad command line argument(s)
For more information run ethtool -h

┌──(kali㉿kali)-[~]
└─$ sudo ethtool eth0
Settings for eth0:
        Supported ports: [ TP ]
        Supported link modes:   10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
                                1000baseT/Full
        Supported pause frame use: No
        Supports auto-negotiation: Yes
        Supported FEC modes: Not reported
        Advertised link modes:  10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
                                1000baseT/Full
        Advertised pause frame use: No
        Advertised auto-negotiation: Yes
        Advertised FEC modes: Not reported
        Speed: 1000Mb/s
        Duplex: Full
        Auto-negotiation: on
        Port: Twisted Pair
        PHYAD: 0
        Transceiver: internal
        MDI-X: Unknown
        Supports Wake-on: d
        Wake-on: d
        Current message level: 0x00000007 (7)
                               drv probe link
        Link detected: yes

┌──(kali㉿kali)-[~]
└─$ sudo ethtool monitor -l
netlink error: no device matches name (offset 24)
netlink error: No such device
netlink error: no device matches name (offset 24)
netlink error: No such device
netlink error: no device matches name (offset 24)
netlink error: No such device
netlink error: no device matches name (offset 24)
netlink error: No such device
netlink error: no device matches name (offset 24)
netlink error: No such device
netlink error: no device matches name (offset 24)
netlink error: No such device
netlink error: no device matches name (offset 24)
netlink error: No such device
No data available

┌──(kali㉿kali)-[~]
└─$

Geertiebear commented 4 weeks ago

Do you know the name of your NIC/which driver it uses?

SharokhAtaie commented 1 week ago

Hello @Geertiebear

i have this issue too:

➜  ~ sudo sanicdns -i /opt/wordlists/subdomain/static/2m-subdomains.txt --postfix .test.com --resolvers 1.1.1.1 -o out.txt --num-retries 15
error: error:, channel_count error: Error receiving from ethtool socket

➜  ~ ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        inet6 fe80::42:2aff:fe51:71a3  prefixlen 64  scopeid 0x20<link>
        ether 02:42:2a:51:71:a3  txqueuelen 0  (Ethernet)
        RX packets 13  bytes 3992 (3.9 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 22  bytes 2133 (2.1 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 146.59.161.39  netmask 255.255.255.255  broadcast 0.0.0.0
        inet6 fe80::250:56ff:fe0b:6025  prefixlen 64  scopeid 0x20<link>
        ether 00:50:56:0b:60:25  txqueuelen 1000  (Ethernet)
        RX packets 93875327  bytes 77918222253 (77.9 GB)
        RX errors 0  dropped 32632  overruns 0  frame 0
        TX packets 84297443  bytes 26190756752 (26.1 GB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 112965  bytes 19373929 (19.3 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 112965  bytes 19373929 (19.3 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

➜  ~ sudo ethtool ens160
Settings for ens160:
        Supported ports: [ TP ]
        Supported link modes:   1000baseT/Full
                                10000baseT/Full
        Supported pause frame use: No
        Supports auto-negotiation: No
        Supported FEC modes: Not reported
        Advertised link modes:  Not reported
        Advertised pause frame use: No
        Advertised auto-negotiation: No
        Advertised FEC modes: Not reported
        Speed: 10000Mb/s
        Duplex: Full
        Auto-negotiation: off
        Port: Twisted Pair
        PHYAD: 0
        Transceiver: internal
        MDI-X: Unknown
        Supports Wake-on: uag
        Wake-on: d
        Link detected: yes

kalmjasper commented 1 week ago

Hey @SharokhAtaie, can you try to run sudo ethtool -l ens160? SanicDNS should run the same command under the hood, maybe the driver for your NIC doesn't support the ETHTOOL_GCHANNELS command.

SharokhAtaie commented 1 week ago

Hi @kalmjasper , when i run that command, i got this error:

 ~ sudo ethtool -l ens160
netlink error: Operation not supported

after that i run this command for more information:

 ~ sudo ethtool -i ens160
driver: vmxnet3
version: 1.6.0.0-k-NAPI
firmware-version: 
expansion-rom-version: 
bus-info: 0000:03:00.0
supports-statistics: yes
supports-test: no
supports-eeprom-access: no
supports-register-dump: yes
supports-priv-flags: no

this is not my own computer i use server or VPS. have you solution for this problem?

Geertiebear commented 1 week ago

@SharokhAtaie awesome, thanks! Could you run uname -r? That will tell us which version of Linux you are running and will help us confirm our suspicions about the root cause of the bug.

SharokhAtaie commented 1 week ago

Hi @Geertiebear

Here is the information you requested:

 ~ uname -r
5.15.0-18-generic

 ~ cat /proc/version
Linux version 5.15.0-18-generic (buildd@lcy02-amd64-041) (gcc (Ubuntu 11.2.0-14ubuntu1) 11.2.0, GNU ld (GNU Binutils for Ubuntu) 2.37.50.20220106) #18-Ubuntu SMP Fri Jan 21 14:57:54 UTC 2022

Geertiebear commented 1 week ago

Awesome, thanks! Our investigation has yielded that support for AF_XDP (which SanicDNS relies on) was only added to the vmxnet3 driver (the one you are using) since Linux kernel version 6.6. Could you please update to at least that version, or higher, to ensure your NIC driver is compatible with SanicDNS? Don't forget to restart after you've upgraded your kernel ;) Let us know if this resolves the issue!

SharokhAtaie commented 1 week ago

Hey @Geertiebear thanks! This issue has been resolved. Upgrade kernel to 6.11.0-061100-generic:

sudo add-apt-repository ppa:cappelikan/ppa
sudo apt update
sudo apt install mainline

mainline --install-latest

kalmjasper commented 1 week ago

Perfect! Let us know if you run into any issues. Do you have any tips for improving the usability of the tool and what is the speed you're getting?

SharokhAtaie commented 1 week ago

Hey @Geertiebear @kalmjasper , i have this issue again. when i run the tool , it say enter manually static-ip , gateway-ip and gateway-mac. after that again i got this error:

 ~ ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 172.17.255.255
        ether 02:42:b1:ff:8b:30  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 2 overruns 0  carrier 0  collisions 0

ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 146.59.161.39  netmask 255.255.255.255  broadcast 0.0.0.0
        inet6 fe80::250:56ff:fe0b:6025  prefixlen 64  scopeid 0x20<link>
        ether 00:50:56:0b:60:25  txqueuelen 1000  (Ethernet)
        RX packets 15300  bytes 16820126 (16.8 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6850  bytes 1130027 (1.1 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 100  bytes 8045 (8.0 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 100  bytes 8045 (8.0 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

 ~ sudo sanicdns -i majestic_million.txt -l log.txt -r 2000 -c 10000 --resolvers 1.1.1.1,1.0.0.1 -o out.txt -s 146.59.161.39 -g 192.168.0.1 -m 00:50:56:0b:60:25
error: error:, channel_count error: Error receiving from ethtool socket

 ~ cat log.txt
[2024-09-17 12:27:37.926] [info] Got route info: {"if_name":"lo"}
[2024-09-17 12:27:37.927] [warning] Cannot get MAC of 192.168.0.1: ioctl error

[2024-09-17 12:27:37.927] [info] User config: {"headless":false,"cores":2,"rate":2000,"num_concurrent":10000,"timeout_ms":15000,"num_retries":10,"gateway_ip":"192.168.0.1","static_ip":"146.59.161.39","gateway_mac":"00:50:56:0B:60:25","input_file":"majestic_million.txt","xdp_path":"/usr/local/bin/sanicdns_xdp.c.o","resolvers":["1.1.1.1","1.0.0.1"],"log_path":"log.txt","output_path":"out.txt","output_raw":false,"no_huge":false,"debug":false,"q_type":"A"}
[2024-09-17 12:27:37.927] [info] Ethernet config: {"device_name":"lo","dst_mac":"00:50:56:0B:60:25","src_ip":"146.59.161.39","dst_ip":"192.168.0.1"}

Geertiebear commented 1 week ago

Try running the tool with option -d ens160 added, for some reason it's picking up the loopback interface as default NIC. You also shouldn't need to add the ip related options if you add this option.

SharokhAtaie commented 1 week ago

Ok now i got this error:

 ~ sudo sanicdns -i majestic_million.txt -l log.txt -r 2000 -c 10000 --resolvers 1.1.1.1,1.0.0.1 -o out.txt -s 146.59.161.39 -g 94.23.155.156 -m 00:50:56:9d:c9:41 -d ens160
error: error: Running sanicdns with '-w 2' requires 1 queues (current 8). Configure using 'sudo ethtool -L ens160 combined 1'

when i run the command for configure:

 ~ sudo ethtool -L ens160 combined 1
netlink error: Operation not supported

chatGPT says run this command:

 ~ sudo ethtool -l ens160
Channel parameters for ens160:
Pre-set maximums:
RX:             n/a
TX:             n/a
Other:          1
Combined:       8
Current hardware settings:
RX:             n/a
TX:             n/a
Other:          1
Combined:       8

Based on the output of the sudo ethtool -l ens160 command, the NIC interface ens160 supports up to 8 combined channels, but the current hardware settings show that it is already using 8 combined channels.

Geertiebear commented 1 week ago

Hey @SharokhAtaie, it seems the vmxnet3 driver doesn't support changing the number of queues from Linux. This is unfortunate as at the moment we need the number of queues to be equal to the number of worker threads. We're gonna look into if we can support having num_workers < num_queues, but for now you have two options.

Set -w 9. This is num_queues + 1.
Decrease the amount of queues in your VMWare VM configuration.

Hope this helps.

SharokhAtaie commented 1 week ago

Hey @Geertiebear , Thanks

for option 1, i got this error:

 ~ sudo sanicdns -i majestic_million.txt -l log.txt -r 2000 -c 10000 --resolvers 1.1.1.1,1.0.0.1 -o out.txt -s 146.59.161.39 -g 94.23.155.156 -m 00:50:56:9d:c9:41 -d ens160 -w 9
error: minimum number of cores is 2, max is 8

and for option 2, i can't access to VM configuration.

Geertiebear commented 1 week ago

Hm, that's really unfortunate. We could add an override option that disables this check for now. I'll keep you updated when we fix this.

kenjoe41 commented 5 days ago

Been experiencing the same issue. Seems this might not be an easy solve for my network card.

~$ lspci -v
...
02:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (rev 15)
    Subsystem: Dell RTL8111/8168/8211/8411 PCI Express Gigabit Ethernet Controller
    Flags: bus master, fast devsel, latency 0, IRQ 16, IOMMU group 13
    I/O ports at 3000 [size=256]
    Memory at 70804000 (64-bit, non-prefetchable) [size=4K]
    Memory at 70800000 (64-bit, non-prefetchable) [size=16K]
    Capabilities: <access denied>
    Kernel driver in use: r8169
    Kernel modules: r8169

and

~$ sudo ethtool -l enp2s0
netlink error: Operation not supported

while

~$ sudo ethtool -i enp2s0
driver: r8169
version: 6.1.0-25-amd64
firmware-version: rtl8168h-2_0.0.2 02/26/15
expansion-rom-version: 
bus-info: 0000:02:00.0
supports-statistics: yes
supports-test: no
supports-eeprom-access: no
supports-register-dump: yes
supports-priv-flags: no

Tried stepping back to r8168 but was too sleepy to solve the issues with the card hiding away.

Any hacks or would you rather i start my own question. Seemed like the same issue.

Geertiebear commented 3 days ago

Seems like the same issue, we've thought of a solution and will update you guys on this issue when it's finished.

hadriansecurity / sanicdns

Error receiving from ethtool socket #25