From owner-freebsd-current@FreeBSD.ORG Sat Jul 17 03:46:48 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B99FF16A4CE for ; Sat, 17 Jul 2004 03:46:48 +0000 (GMT) Received: from web51806.mail.yahoo.com (web51806.mail.yahoo.com [206.190.38.237]) by mx1.FreeBSD.org (Postfix) with SMTP id 5187B43D2F for ; Sat, 17 Jul 2004 03:46:48 +0000 (GMT) (envelope-from patrick_dkt@yahoo.com.hk) Message-ID: <20040717034647.13655.qmail@web51806.mail.yahoo.com> Received: from [61.10.7.82] by web51806.mail.yahoo.com via HTTP; Sat, 17 Jul 2004 11:46:47 CST Date: Sat, 17 Jul 2004 11:46:47 +0800 (CST) From: =?big5?q?Patrick=20Dung?= To: Joerg Wallerich In-Reply-To: <20040716134240.GA25987@net.in.tum.de> MIME-Version: 1.0 Content-Type: text/plain; charset=big5 Content-Transfer-Encoding: 8bit X-Mailman-Approved-At: Sat, 17 Jul 2004 11:40:27 +0000 cc: freebsd-current@freebsd.org Subject: Re: tcpdump (/dev/bpf* permission) in FreeBSD-current X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 Jul 2004 03:46:48 -0000 Hi It just works. Thanks. BTW, I think it is good to run tcpdump with a user like pcap or bpf for security reason. Regards Patrick --- Joerg Wallerich 內容:> On Thu, Jul 15, 2004 at 10:32:34PM +0800, Patrick > Dung wrote: > > Hi > > > > For FreeBSD-stable, I can change the permission of > the > > /dev/bpf*. > > But for FreeBSD-current, the bpf device is created > at > > runtime. There is no way to decided the user/group > and > > permission of the device created. (/etc/devfs.conf > can > > be used, but it had to be start after the device > is > > created, where it is not created at boot time). > > > > I have asked this question in Freebsd-questions > but > > the problem remains unsolved: > > > > > http://docs.freebsd.org/cgi/getmsg.cgi?fetch=256848+0+archive/2004/freebsd-questions/20040711.freebsd-questions > > > > Hi, > > add to /etc/devfs.rules: > > [devfs_ruleset_sniffer=10] > add path 'bpf*' unhide mode 0660 group bpf > > and to /etc/rc.conf > > devfs_system_ruleset="devfs_ruleset_sniffer" > > > This grants access to bpf devices to all members of > group 'bpf'. I don't know if this is 'the way to do > it[TM]' > but it does work. > > Joerg > > > -- > ---------------------------------------------------------------- > - Joerg Wallerich - > jw@net.in.tum.de - > - Technische Universitaet Muenchen - Phone +49 89 > 289 18035 - > ---------------------------------------------------------------- > _________________________________________________________ 必殺技、飲歌、小星星... 浪漫鈴聲 情心連繫 http://us.rd.yahoo.com/evt=22281/*http://ringtone.yahoo.com.hk/