tcpdump mailing list archives
Re: non-root pcap capture under Linux
From: Gerald Combs <gerald () wireshark org>
Date: Fri, 09 Apr 2010 11:19:55 -0700
amnon cohen wrote:
Hi, Is there anyway to capture packets without being root on Linux. The docs imply that we running with CAP_NET_RAW will do the trick. Has anyone managed to get this to work? I got stuck when trying to add CAP_NET_RAW to the executable # setcap cap_net_raw my_sniffer_program fatal error: Invalid argument usage: setcap [-q] [-v] (-r|-|<caps>) <filename> [ ... (-r|-|<capsN>) <filenameN> ]
Try "setcap cap_net_raw,cap_net_admin=eip my_sniffer_program": http://packetlife.net/blog/2010/mar/19/sniffing-wireshark-non-root-user/ If you generate traffic you might need cap_net_broadcast as well. -- Join us for Sharkfest ’10! · Wireshark® Developer and User Conference Stanford University, June 14-17 · http://www.cacetech.com/sharkfest.10/ - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- non-root pcap capture under Linux amnon cohen (Apr 09)
- Re: non-root pcap capture under Linux Luca Bruno (Apr 09)
- Re: non-root pcap capture under Linux Gerald Combs (Apr 09)