tcpdump (/dev/bpf* permission) in FreeBSD-current
=?big5?q?Patrick=20Dung?=
patrick_dkt at yahoo.com.hk
Fri Jul 16 20:46:48 PDT 2004
Hi
It just works. Thanks.
BTW, I think it is good to run tcpdump with a user
like pcap or bpf for security reason.
Regards
Patrick
--- Joerg Wallerich <jw at net.in.tum.de> ¤º®e¡G> On Thu,
Jul 15, 2004 at 10:32:34PM +0800, Patrick
> Dung wrote:
> > Hi
> >
> > For FreeBSD-stable, I can change the permission of
> the
> > /dev/bpf*.
> > But for FreeBSD-current, the bpf device is created
> at
> > runtime. There is no way to decided the user/group
> and
> > permission of the device created. (/etc/devfs.conf
> can
> > be used, but it had to be start after the device
> is
> > created, where it is not created at boot time).
> >
> > I have asked this question in Freebsd-questions
> but
> > the problem remains unsolved:
> >
> >
>
http://docs.freebsd.org/cgi/getmsg.cgi?fetch=256848+0+archive/2004/freebsd-questions/20040711.freebsd-questions
> >
>
> Hi,
>
> add to /etc/devfs.rules:
>
> [devfs_ruleset_sniffer=10]
> add path 'bpf*' unhide mode 0660 group bpf
>
> and to /etc/rc.conf
>
> devfs_system_ruleset="devfs_ruleset_sniffer"
>
>
> This grants access to bpf devices to all members of
> group 'bpf'. I don't know if this is 'the way to do
> it[TM]'
> but it does work.
>
> Joerg
>
>
> --
>
----------------------------------------------------------------
> - Joerg Wallerich -
> jw at net.in.tum.de -
> - Technische Universitaet Muenchen - Phone +49 89
> 289 18035 -
>
----------------------------------------------------------------
>
_________________________________________________________
¥²±þ§Þ¡B¶¼ºq¡B¤p¬P¬P...
®öº©¹aÁn ±¡¤ß³sô
http://us.rd.yahoo.com/evt=22281/*http://ringtone.yahoo.com.hk/
More information about the freebsd-current
mailing list