 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Derek Martin wrote: > When a frame comes into an interface, the kernel (e.g. the iptables > filters) sees it first before any userland proceses can muck with it. Are you certain about that? I thought that tcpdump violated the usual course of stack processing, and got a copy of every packet to be received by the listening interface before they got placed onto the IP stack, and that was why tcpdump needed to be executed with setuid as root, and the packet socket option compiled into the kernel. The support documentation clearly states that tcpdump communicates directly with the network device. Hunter
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
