Date: Thu, 3 Dec 1998 12:13:49 -0800 (PST) From: Doug White <dwhite@resnet.uoregon.edu> To: jm7996@devrycols.edu Cc: Roman Katsnelson <roman@atlas-design.net>, Ben Smithurst <ben@scientia.demon.co.uk>, "q's" <freebsd-questions@FreeBSD.ORG> Subject: Re: sniffer Message-ID: <Pine.BSF.4.03.9812031212020.12937-100000@resnet.uoregon.edu> In-Reply-To: <Pine.BSF.4.05.9812030144170.852-100000@insomnia.local.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 3 Dec 1998, James A. Mutter wrote: > > No, I was saying that we already have a custom kernel. And it was kind > > of a pain to compile, and it finally works and I'd just rather not touch > > it. But I guess I *could* keep it around anyway. I don't know. But do I > > understand correctly, tcpdump doesn't need any additions to the kernel? > > It just needs to be setuid root? > > No - tcpdump requires that the NIC be in promiscous mode. You need to > enable bpfilter in the kernel - there just isn't any way around it. [pedantic mode ON] Actually, tcpdump will be perfectly happy in normal mode; you'll only see broadcast packets and packets destined for the local host. See the -p option. That doesn't prevent other processes from putting the NIC in promiscuous mode, however; it just squashes the ioctl. Doug White Internet: dwhite@resnet.uoregon.edu | FreeBSD: The Power to Serve http://gladstone.uoregon.edu/~dwhite | www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.03.9812031212020.12937-100000>