Porting openvas to the Mac (OS X)

Jeff Simmons jsimmons at goblin.punk.net
Thu Jun 4 11:21:04 PDT 2009


There's an interesting problem in getting openvas (specifically 
openvas-server) to run on the Mac.

Background: bpf (Berkeley Packet Filter) is a pseudo-device (it's pretending 
to be a hardware device) residing in /dev. It's basically a way to access the 
datastream flowing through the ethernet card without actually accessing the 
ethernet card (usually at /dev/eth0 or similar) itself. Having multiple bpf's 
makes programs that are doing multiple things with the ethernet data stream, 
such as packet filters and network scanners, simpler to write and more 
efficient to run.

A message when compiling openvas says that the program would like 100 bpf's. 
The Mac has 4. The message threatens dire consequences, such as missed scans, 
for limited bpf's.

The assigned weapon in *nix systems for creating bpf's (or any other device 
node) is the program mknod. Running this program 96 times with the proper 
options (preferably via shell script ;-) successfully gives my MacBook 100 
bpf's. But they don't persist - unlike other *nix systems I've used, they're 
gone after a reboot. So I either have to run that script on boot, or before 
launching openvas-server (it shouldn't affect the client).

There are obvious implications for a Mac port of openvas-server.

-- 
Jeff Simmons                                   jsimmons at goblin.punk.net
Simmons Consulting - Network Engineering, Administration, Security
"You guys, I don't hear any noise.  Are you sure you're doing it right?"
        --  My Life With The Thrill Kill Kult
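
Added example, not part of the original message: a sketch of the kind of mknod script the post describes, written so it can be re-run at boot or before starting openvas-server without touching nodes that already exist. It assumes bpf is a character device whose minor number equals N, that the major number can be read from the existing /dev/bpf0 with the BSD/macOS `stat -f` syntax, and that new nodes should be readable by root only; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Assumptions: /dev/bpfN is a
# character device with minor number N, and the major number matches bpf0.

# bpf_plan MAJOR FIRST LAST [DEVDIR]
# Print one mknod command per missing node; existing nodes are skipped,
# so the plan is empty once all nodes are present.
bpf_plan() {
    major=$1; n=$2; last=$3; dir=${4:-/dev}
    while [ "$n" -le "$last" ]; do
        if [ ! -e "$dir/bpf$n" ]; then
            echo "mknod $dir/bpf$n c $major $n"
        fi
        n=$((n + 1))
    done
}

# bpf_major [DEVDIR]
# Major device number of the existing bpf0 node (BSD/macOS stat format).
bpf_major() {
    stat -f '%Hr' "${1:-/dev}/bpf0" 2>/dev/null
}

# bpf_main --plan | --apply
# --plan prints the commands; --apply runs them as root.
bpf_main() {
    major=$(bpf_major) || major=
    if [ -z "$major" ]; then
        echo "cannot read major number from /dev/bpf0" >&2
        return 1
    fi
    if [ "$1" = "--apply" ]; then
        if [ "$(id -u)" -ne 0 ]; then
            echo "--apply must be run as root" >&2
            return 1
        fi
        # umask 077 makes each new node mode 600: a bpf node exposes raw
        # network traffic, so it should not be readable by other users.
        ( umask 077; bpf_plan "$major" 0 99 | sh -e )
    else
        bpf_plan "$major" 0 99
    fi
}

# Nothing runs unless the script is invoked with an explicit mode.
case "${1:-}" in
    --plan|--apply) bpf_main "$1" ;;
esac
```

Run it with `--plan` first to see the commands, then with `--apply` as root from whatever runs at boot or before openvas-server starts.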


More information about the macports-users mailing list