Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
NetBSD/external/bsd/libpcap/dist/doc/README.macos

75 lines
3.4 KiB
Plaintext
Raw Normal View History

Import libpcap-1.9.0 Sunday, June 24, 2018, by mcr@sandelman.ca Summary for 1.9.0 libpcap release Added testing system to libpcap, independent of tcpdump Changes to how pcap_t is activated Adding support for Large stream buffers on Endace DAG cards Changes to BSD 3-clause license to 2-clause licence Additions to TCP header parsing, per RFC3168 Add CMake build process (extensive number of changes) Assign a value for OpenBSD DLT_OPENFLOW. Support setting non-blocking mode before activating. Extensive build support for Windows VS2010 and MINGW (many many changes, over many months) Added RPCAPD support when --enable-remote (default no) Add the rpcap daemon source and build instructions. Put back the greasy "save the capture filter string so we can tweak it" hack, that keeps libpcap from capturing rpcap traffic. Fixes for captures on MacOS, utun0 fixes so that non-AF_INET addresses, are not ==AF_INET6 addresses. Add a linktype for IBM SDLC frames containing SNA PDUs. pcap_compile() in 1.8.0 and later is newly thread-safe. bound snaplen for linux tpacket_v2 to ~64k Make VLAN filter handle both metadata and inline tags D-Bus captures can now be up to 128MB in size Added LORATAP DLT value Added DLT_VSOCK for http://qemu-project.org/Features/VirtioVsock probe_devices() fixes not to overrun buffer for name of device Add linux-specific pcap_set_protocol_linux() to allow specifying a specific capture protocol. RDMA sniffing support for pcap Add Nordic Semiconductor Bluetooth LE sniffer link-layer header type. fixes for reading /etc/ethers Make it possible to build on Windows without packet.dll. Add tests for large file support on UN*X. Solaris fixes to work with 2.8.6 configuration test now looks for header files, not capture devices present Fix to work with Berkeley YACC. fixes for DragonBSD compilation of pcap-netmap.c Clean up the ether_hostton() stuff. Add an option to disable Linux memory-mapped capture support. Add DAG API support checks. Add Septel, Myricom SNF, and Riverbed TurboCap checks. Add checks for Linux USB, Linux Bluetooth, D-Bus, and RDMA sniffing support. Add a check for hardware time stamping on Linux. Don't bother supporting pre-2005 Visual Studio. Increased minimum autoconf version requirement to 2.64 Add DLT value 273 for XRA-31 sniffer Clean up handing of signal interrupts in pcap_read_nocb_remote(). Use the XPG 4.2 versions of the networking APIs in Solaris. Fix, and better explain, the "IPv6 means IPv6, not IPv4" option setting. Explicitly warn that negative packet buffer timeouts should not be used. rpcapd: Add support inetd-likes, including xinetd.conf, and systemd units Rename DLT_IEEE802_15_4 to DLT_IEEE802_15_4_WITHFCS. Add DISPLAYPORT AUX link type Remove the sunos4 kernel modules and all references to them. Add more interface flags to pcap_findalldevs(). Summary for 1.9.0 libpcap release (to 2017-01-25 by guy@alum.mit.edu) Man page improvements Fix Linux cooked mode userspace filtering (GitHub pull request #429) Fix compilation if IPv6 support not enabled Fix some Linux memory-mapped capture buffer size issues Don't fail if kernel filter can't be set on Linux (GitHub issue #549) Improve sorting of interfaces for pcap_findalldevs() Don't list Linux usbmon devices if usbmon module isn't loaded Report PCAP_ERROR_PERM_DENIED if no permission to open Linux usbmon devices Fix DLT_ type for Solaris IPNET devices Always return an error message for errors finding DAG or Myricom devices If possible, don't require that a device be openable when enumerating them for pcap_findalldevs() Don't put incompletely-initialized addresses in the address list for When finding Myricom devices, update description for regular interfaces that are Myricom devices and handle SNF_FLAGS=0x2(port aggregation enabled) Fix compilation error in DAG support Fix issues with CMake configuration Add support for stream buffers larger than 2GB on newer DAG cards Remove support for building against DAG versions without STREAMS support (before dag-3.0.0 2007)
2018-09-03 17:43:43 +03:00
As with other systems using BPF, macOS allows users with read access to
the BPF devices to capture packets with libpcap and allows users with
write access to the BPF devices to send packets with libpcap.
On some systems that use BPF, the BPF devices live on the root file
system, and the permissions and/or ownership on those devices can be
changed to give users other than root permission to read or write those
devices.
On newer versions of FreeBSD, the BPF devices live on devfs, and devfs
can be configured to set the permissions and/or ownership of those
devices to give users other than root permission to read or write those
devices.
On macOS, the BPF devices live on devfs, but the macOS version of devfs
is based on an older (non-default) FreeBSD devfs, and that version of
devfs cannot be configured to set the permissions and/or ownership of
those devices.
Therefore, we supply:
a "startup item" for older versions of macOS;
a launchd daemon for Tiger and later versions of macOS;
Both of them will change the ownership of the BPF devices so that the
"admin" group owns them, and will change the permission of the BPF
devices to rw-rw----, so that all users in the "admin" group - i.e., all
users with "Allow user to administer this computer" turned on - have
both read and write access to them.
The startup item is in the ChmodBPF directory in the source tree. A
/Library/StartupItems directory should be created if it doesn't already
exist, and the ChmodBPF directory should be copied to the
/Library/StartupItems directory (copy the entire directory, so that
there's a /Library/StartupItems/ChmodBPF directory, containing all the
files in the source tree's ChmodBPF directory; don't copy the individual
items in that directory to /Library/StartupItems). The ChmodBPF
directory, and all files under it, must be owned by root. Installing
the files won't immediately cause the startup item to be executed; it
will be executed on the next reboot. To change the permissions before
the reboot, run
sudo SystemStarter start ChmodBPF
The launchd daemon is the chmod_bpf script, plus the
org.tcpdump.chmod_bpf.plist launchd plist file. chmod_bpf should be
installed in /usr/local/bin/chmod_bpf, and org.tcpdump.chmod_bpf.plist
should be installed in /Library/LaunchDaemons. chmod_bpf, and
org.tcpdump.chmod_bpf.plist, must be owned by root. Installing the
script and plist file won't immediately cause the script to be executed;
it will be executed on the next reboot. To change the permissions
before the reboot, run
sudo /usr/local/bin/chmod_bpf
or
sudo launchctl load /Library/LaunchDaemons/org.tcpdump.chmod_bpf.plist
If you want to give a particular user permission to access the BPF
devices, rather than giving all administrative users permission to
access them, you can have the ChmodBPF/ChmodBPF script change the
ownership of /dev/bpf* without changing the permissions. If you want to
give a particular user permission to read and write the BPF devices and
give the administrative users permission to read but not write the BPF
devices, you can have the script change the owner to that user, the
group to "admin", and the permissions to rw-r-----. Other possibilities
are left as an exercise for the reader.
(NOTE: due to a bug in Snow Leopard, if you change the permissions not
to grant write permission to everybody who should be allowed to capture
traffic, non-root users who cannot open the BPF devices for writing will
not be able to capture outgoing packets.)