Date: Wed, 2 Dec 1998 20:41:28 +0000 From: Ben Smithurst <ben@scientia.demon.co.uk> To: Roman Katsnelson <roman@atlas-design.net> Cc: "q's" <freebsd-questions@FreeBSD.ORG> Subject: Re: sniffer Message-ID: <19981202204128.A1283@scientia.demon.co.uk> In-Reply-To: <3665A44D.C8DDB6A@atlas-design.net> References: <36657AD5.1F79504B@atlas-design.net> <19981202200327.C366@scientia.demon.co.uk> <3665A44D.C8DDB6A@atlas-design.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Roman Katsnelson wrote: > > > and being that this is a custom kernel on a live and important web > ^^^^^^^^^^^^^^^^^^^^^^^ > > You think the GENERIC kernel, with lots of unneeded bloat, is better > ^^^^^^^^^^^^^^ > > No, I was saying that we already have a custom kernel. Oh, oops, I thought you meant if you did change it, _then_ it would be a custom kernel. Sorry 'bout that. > But do I understand correctly, tcpdump doesn't need any additions to > the kernel? It needs `pseudo-device bpfilter n' for some suitable value of n, 4 for example. Maybe you already have this. You also need to make the /dev/bpf* nodes with MAKEDEV. > It just needs to be setuid root? Probably a bad idea. No-one except root should ever have to run it; would you really want your average luser running it and seeing packets going in and out of your machine? -- Ben Smithurst ben@scientia.demon.co.uk send a blank message to ben+pgp@scientia.demon.co.uk for PGP key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981202204128.A1283>