Date: Mon, 22 Apr 2002 22:37:38 +0200 From: sthaug@nethelp.no To: dwhite@resnet.uoregon.edu Cc: lyndon@orthanc.ab.ca, freebsd-current@FreeBSD.org Subject: Re: Adding a 'bpf' group for /dev/bpf* Message-ID: <47693.1019507858@verdi.nethelp.no> In-Reply-To: Your message of "Mon, 22 Apr 2002 11:16:58 -0700 (PDT)" References: <20020422111600.G5217-100000@resnet.uoregon.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
> > For the benefit of packet sniffers and other things that only want > > read-only access to /dev/bpf*, what do people think of adding a 'bpf' > > group for those programs? This allows bpf devices to be read by > > programs running with an effective gid of 'bpf' instead of the current > > requirement for an effective user of root. I've been running this way > > on many of our servers for several months now, and things like snort, > > tcpdump, etc., are quite happy with it (under stable). > > There's the other small problem that you have to be root to set > promiscuous mode. Not on 4.x. Haven't tried -current. Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47693.1019507858>