Describe the bug
I am scanning a large IPv6 network and occasionally the following message appears:
Service scan sending probe NULL to fd06:5354:4152::1:179 (tcp)
Service scan sending probe SNMPv1public to fd06:5354:4152::1:161 (udp)
Service scan sending probe DNSVersionBindReq to fd05:aff:7999::1:161 (udp)
Service scan sending probe SNMPv3GetRequest to fd06:5354:4152::1:161 (udp)
Service scan sending probe RPCCheck to fd06:5354:4152::1:161 (udp)
Service scan sending probe NULL to fd06:8a0:4dad::2:179 (tcp)
Service scan sending probe SIPOptions to fd05:4b:cce::1:5000 (tcp)
Service scan sending probe OpenVPN to fd06:8a0:4dad::2:443 (udp)
Service scan sending probe DNSVersionBindReq to fd06:5354:4152::1:161 (udp)
Service scan sending probe RIPv1 to fd06:8a0:4dad::2:520 (udp)
Service scan sending probe DTLSSessionReq to fd06:8a0:4dad::2:443 (udp)
Service scan sending probe RPCCheck to fd06:8a0:4dad::2:520 (udp)
Service scan sending probe QUIC to fd06:8a0:4dad::2:443 (udp)
Service scan sending probe DNSVersionBindReq to fd06:8a0:4dad::2:520 (udp)
Service scan sending probe RPCCheck to fd06:8a0:4dad::2:443 (udp)
Service scan sending probe DTLSSessionReq to fd06:8a0:4dad::2:520 (udp)
Service scan sending probe NTPRequest to fd07:d34:7969:1:::123 (udp)
Service scan sending probe RPCCheck to fd05:aff:7999::1:443 (udp)
Service scan sending probe DTLSSessionReq to fd05:aff:7999::1:547 (udp)
Unexpected error 13 (Permission denied) in NSE_TYPE_READ callback - aborting this service
Service scan sending probe RIPv1 to fd07:d34:7969:2:::520 (udp)
Service scan sending probe oracle-tns to fd05:4b:cce::1:5000 (tcp)
Unexpected error 13 (Permission denied) in NSE_TYPE_READ callback - aborting this service
Service scan sending probe NTPRequest to fd07:d34:7969:3:::123 (udp)
Unexpected error 13 (Permission denied) in NSE_TYPE_READ callback - aborting this service
Service scan sending probe OpenVPN to fd07:d34:7969:3:::443 (udp)
Service scan sending probe RPCCheck to fd05:aff:7999::1:33436 (udp)
Service scan sending probe ONCRPC_CALL to fd07:d34:7969:3:::33436 (udp)
Service scan sending probe DNSVersionBindReq to fd05:aff:7999::1:33434 (udp)
Unexpected error 13 (Permission denied) in NSE_TYPE_READ callback - aborting this service
Service scan sending probe OpenVPN to fd07:d34:7969:::443 (udp)
Service scan sending probe DNSVersionBindReq to fd05:aff:7999::1:33435 (udp)
Service scan sending probe RIPv1 to fd07:d34:7969:::520 (udp)
Unexpected error 13 (Permission denied) in NSE_TYPE_READ callback - aborting this service
Service scan sending probe RPCCheck to fd07:d34:7969:::547 (udp)
Service scan sending probe DTLSSessionReq to fd06:5354:4152:::123 (udp)
Service scan sending probe DNSVersionBindReq to fd06:5354:4152:::443 (udp)
Service scan sending probe ONCRPC_CALL to fd07:d34:7969:::33436 (udp)
Unexpected error 13 (Permission denied) in NSE_TYPE_READ callback - aborting this service
Unexpected error 13 (Permission denied) in NSE_TYPE_READ callback - aborting this service
To Reproduce
Scan a host that returns unreachable prohibited for a port.
Expected behavior
No warning
Version info (please complete the following information):
- OS: Debian 13
- Output of
nmap --version:
Nmap version 7.98SVN ( https://nmap.org )
Platform: x86_64-unknown-linux-gnu
Compiled with: liblua-5.4.7 openssl-3.5.1 libssh2-1.11.1 libz-1.3.1 libpcre2-10.46 libpcap-1.10.5 nmap-libdnet-1.18.0 ipv6
Compiled without:
Available nsock engines: epoll poll select
commit fcf6f0cb19e829720faa9f5ace506a582253104b (HEAD -> master, origin/master, origin/HEAD)
Author: nnposter <nnposter@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Wed Oct 8 23:08:04 2025 +0000
Use simpler/cheaper portrule
Additional context
tcpdump something like 13:34:59.914148 IP6 ams1-nl.jerry.dn42 > fd04:234e:fc31::250: ICMP6, destination unreachable, unreachable prohibited fd19:d101:719a::aaaa, length 123
In the current version of nmap, which is in Debian Trixie, the scan is even terminated for this reason. Fortunately, this has been improved in the latest version. However, nmap should not recognize this as an error, but rather as a closed port.
Describe the bug
I am scanning a large IPv6 network and occasionally the following message appears:
To Reproduce
Scan a host that returns unreachable prohibited for a port.
Expected behavior
No warning
Version info (please complete the following information):
nmap --version:Additional context
tcpdump something like
13:34:59.914148 IP6 ams1-nl.jerry.dn42 > fd04:234e:fc31::250: ICMP6, destination unreachable, unreachable prohibited fd19:d101:719a::aaaa, length 123In the current version of nmap, which is in Debian Trixie, the scan is even terminated for this reason. Fortunately, this has been improved in the latest version. However, nmap should not recognize this as an error, but rather as a closed port.