Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 6464 - tcpdump defaults to non promiscuous mode
Summary: tcpdump defaults to non promiscuous mode
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: tcpdump
Version: 6.1
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Harald Hoyer
QA Contact:
URL:
Whiteboard:
: 9945 (view as bug list)
Depends On: 10739
Blocks:
TreeView+ depends on / blocked
 
Reported: 1999-10-28 14:43 UTC by Oleg Makarenko
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2000-07-11 18:37:06 UTC


Attachments (Terms of Use)

Description Oleg Makarenko 1999-10-28 14:43:47 UTC
Description:
tcpdump starts in non promiscuous mode by default and
changes to promiscuous mode with -p option while
documentation (man) still states that -p should be used to
start it in NON promiscuous mode.

It breaks a lot of my scripts :(

Conclusion:
Probably a typo in a code or documentation bug at least.

Comment 1 Alan Cox 2000-01-20 15:32:59 UTC
There is an error in Alexey Kuznetsov's tcpdump enhancements for Linux that
causes this. Seems he decided that it would be fun to swap the default over.

This silently breaks some security tools. In addition the same patch contains
an ANK hack that breaks setuid use of tcpdump except for a hardcoded uid 2090.

(search for 2090 in the ANK patch in the source rpm, the promisc bug
introduction is right by it). Looks like that chunk of ANK stuff wants dropping
back to the old (NO_ANK_FIX) edition.

Alan

Comment 2 Jeff Johnson 2000-01-20 18:18:59 UTC
The 2090 setuid problem is fixed in tcpdump-3.4-17 from Raw Hide.

Comment 3 Elliot Lee 2000-02-03 16:50:59 UTC
Marked as fixed, so closing the bug.

Comment 4 Jeff Johnson 2000-02-09 20:36:59 UTC
Only the 2090 problem has been fixed, the documentation needs to be updated
(the behavior is not going to change. A shell wrapper to diddle the -p flag
and supply -i eth0 is trivial, and will preserve the Good Ol' tcpdump behavior).

Comment 5 Jeff Johnson 2000-03-04 17:33:59 UTC
*** Bug 9945 has been marked as a duplicate of this bug. ***

Comment 6 Jeff Johnson 2000-07-11 18:42:44 UTC
Fixed (by updating man page) in tcpdump-3.4-22.


Note You need to log in before you can comment on or make changes to this bug.