Setting the capabilities to sniff on an interface with libpcap

From AcrodusWiki
Revision as of 21:29, 2 April 2025 by Alex (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

So i did this in rust, however is the case for any language. This allows you to run a program as a non root user but have access to the interface for sniffing.

This command sets the capabilities of the executable. It must have both cap_net_admin and cap_net_raw. 

sudo setcap cap_net_raw,cap_net_admin=+ep target/debug/rp2009_sniffer

The code then also needs to set it? 

       caps::raise(None, caps::CapSet::Inheritable, caps::Capability::CAP_NET_ADMIN).unwrap();
       caps::raise(None, caps::CapSet::Ambient, caps::Capability::CAP_NET_ADMIN).unwrap();
       caps::raise(None, caps::CapSet::Inheritable, caps::Capability::CAP_NET_RAW).unwrap();
       caps::raise(None, caps::CapSet::Ambient, caps::Capability::CAP_NET_RAW).unwrap();
Retrieved from "http://wiki.acrodus.uk/index.php?title=Setting_the_capabilities_to_sniff_on_an_interface_with_libpcap&oldid=117"