Guy Harris wrote:
On Oct 14, 2008, at 9:30 AM, Max Laier wrote:
> Depends on the platform you are on. On FreeBSD all you need is read
> write
> permission to the /dev/bpf* devices.
Also true in NetBSD, OpenBSD, DragonFly BSD, Mac OS X, and, I think,
AIX. (And, at least with some versions
On Oct 14, 2008, at 9:30 AM, Max Laier wrote:
Depends on the platform you are on. On FreeBSD all you need is read
write
permission to the /dev/bpf* devices.
Also true in NetBSD, OpenBSD, DragonFly BSD, Mac OS X, and, I think,
AIX. (And, at least with some versions of libpcap, all you ne
I doesn't know POSIX capabilities and it seems to be very interesting. I
think it's a good first step, but I see a potential problem : if I give
CAP_NET_ADMIN capability to a user, he can do what he wants on all
ethernet interfaces, isn't it ? In my case, I have for example 1
interface used for
Under Linux you can use POSIX capabilities to capture as non-root.
CAP_NET_RAW lets you capture, and CAP_NET_ADMIN lets you use promiscuous
mode.
Damien ANCELIN wrote:
> To give you more informations :
> - "metrology platform" will be a computer that can be used by many users
> to capture packets
To give you more informations :
- "metrology platform" will be a computer that can be used by many
users to capture packets (coming from a mirroring port of a switch).
- It's currently running on an linux debian.
It seems there is no common manner to do this in a simple way (I will
have a look
> > As I'm developping on libpcap to provide a metrology plateform, I was
> > wondering if there is a manner to enable a specific user (or a specific
> > group) to capture from a network interfaces (even in promiscuous mode),
> > without using sudo.
> > I'm trying to do this with udev, but I'm not
> "Damien" == Damien ANCELIN <[EMAIL PROTECTED]> writes:
Damien> As I'm developping on libpcap to provide a metrology
Damien> plateform, I was wondering if there is a manner to enable a
Damien> specific user (or a specific group) to capture from a
Damien> network interfaces (ev
On Tue, Oct 14, 2008 at 18:30 +0200, Max Laier wrote:
> Depends on the platform you are on. On FreeBSD all you need is read write
> permission to the /dev/bpf* devices.
A long time ago, I did a hack for Linux which allows to give a
specific group capture permission without becoming root. 2.6.1
On Tuesday 14 October 2008 17:33:13 Damien ANCELIN wrote:
> As I'm developping on libpcap to provide a metrology plateform, I was
> wondering if there is a manner to enable a specific user (or a specific
> group) to capture from a network interfaces (even in promiscuous mode),
> without using sudo.
Hi list,
As I'm developping on libpcap to provide a metrology plateform, I was
wondering if there is a manner to enable a specific user (or a specific
group) to capture from a network interfaces (even in promiscuous mode),
without using sudo.
I'm trying to do this with udev, but I'm not shure
10 matches
Mail list logo
