tcpdump will print an error message saying rfmon is not supported.
Give a concise explanation as to how one might solve this problem by
creating a monitor mode VAP.
For now, sandboxing is done only if -n option was specified and neither -z nor
-V options were given. Because it is very common to run tcpdump(8) with the -n
option for speed, I decided to commit sandboxing now. To also support
sandboxing when -n option wasn't specified, we need Casper daemon and its
services that are not available in FreeBSD yet.
- Limit file descriptors of a file specified by -r option or files specified
via -V option to CAP_READ only.
- If neither -r nor -V options were specified, we operate on /dev/bpf.
Limit its descriptor to CAP_READ and CAP_IOCTL plus limit allowed ioctls to
BIOCGSTATS only.
- Limit file descriptor of a file specified by -w option to CAP_SEEK and
CAP_WRITE.
- If either -C or -G options were specified, we open directory containing
destination file and we limit directory descriptor to CAP_CREATE, CAP_FCNTL,
CAP_FTRUNCATE, CAP_LOOKUP, CAP_SEEK and CAP_WRITE. Newly opened/created
files are limited to CAP_SEEK and CAP_WRITE only.
- Enter capability mode if -n option was specified and neither -z nor -V
options were specified.
Approved by: delphij, wxs
Sponsored by: The FreeBSD Foundation
share/mk/sys.mk instead.
This is part of a medium term project to permit deterministic builds of
FreeBSD.
Submitted by: Erik Cederstrand <erik@cederstrand.dk>
Reviewed by: imp, toolchain@
Approved by: cperciva
MFC after: 2 weeks
doesn't mean supporting IFT_PFSYNC (which I hope will eventually
die). This means decoding packets with IP protocol of 240 caught
on any normal interface like Ethernet.
The code is based on couple of files from OpenBSD, significantly
modified by myself.
Parser differentiates for four levels of verbosity: no -v, -v,
-vv and -vvv.
We don't yet forward this code upstream, because currently it
strongly relies on if_pfsync.h and even on pfvar.h. I hope that
this can be fixed in future.
Reviewed by: gnn, delphij
against icmp6_hdr::icmp6_type is done incorrectly. (This fix has
already been applied upstream, but we do not have the latest version of
tcpdump.)
MFC after: 1 week
o add missing Status and Reason codes
o parse/display Action frames
o parse/display Mesh data frames
o parse/display BA frames
Reviewed by: rpaulo
Approved by: re (kib)
o print-fr.c returned to code on vendor branch
o remove pmap_prot.h include from print-sunrprc.c
o remove gcc/i386-specific ntoh* write-arounds from tcpdump-stdinc.h
Reviewed by: bms
This file is already off the vendor branch, and the fix will be
in future tcpdump.org vendor branch imports.
PR: bin/76497
MFC after: 1 week
Obtained from: tcpdump.org rev 1.89.2.4
Discussed with: fenner, keramida