int i;
if (pcap_findalldevs_ex(remote_interfaces_source, NULL, &devlist,
- ebuf) < 0)
+ ebuf) < 0) {
+ if (strcmp(ebuf, "not supported") == 0) {
+ /*
+ * macOS 14's pcap_findalldevs_ex(), which is a
+ * stub that always returns -1 with an error
+ * message of "not supported".
+ *
+ * In this case, as we passed it an rpcap://
+ * URL, treat that as meaning "remote capture
+ * not supported".
+ */
+ error("Remote capture not supported");
+ }
error("%s", ebuf);
+ }
for (i = 0, dev = devlist; dev != NULL; i++, dev = dev->next) {
printf("%d.%s", i+1, dev->name);
if (dev->description != NULL)
} else
error("Couldn't find user '%.32s'", username);
#ifdef HAVE_LIBCAP_NG
- /* We don't need CAP_SETUID, CAP_SETGID and CAP_SYS_CHROOT any more. */
+ /* We don't need CAP_SETUID, CAP_SETGID and CAP_SYS_CHROOT anymore. */
DIAG_OFF_ASSIGN_ENUM
capng_updatev(
CAPNG_DROP,
* along the lines of ioctl(), the fact that ioctl() operations are
* largely specific to particular character devices but fcntl() operations
* are either generic to all descriptors or generic to all descriptors for
- * regular files nonwithstanding.
+ * regular files notwithstanding.
*
* The Capsicum people decided that fine-grained control of descriptor
* operations was required, so that you need to grant permission for
pflag ? 0 : PCAP_OPENFLAG_PROMISCUOUS, timeout, NULL,
ebuf);
if (pc == NULL) {
+ /*
+ * macOS 14's pcap_pcap_open(), which is a
+ * stub that always returns NULL with an error
+ * message of "not supported".
+ *
+ * In this case, as we passed it an rpcap://
+ * URL, treat that as meaning "remote capture
+ * not supported".
+ */
+ if (strcmp(ebuf, "not supported") == 0)
+ error("Remote capture not supported");
+
/*
* If this failed with "No such device" or "The system
* cannot find the device specified", that means
if (status != 0)
error("%s: pcap_setdirection() failed: %s",
device, pcap_geterr(pc));
- }
+ }
#endif /* HAVE_PCAP_SETDIRECTION */
#else /* HAVE_PCAP_CREATE */
*ebuf = '\0';
show_remote_devices_and_exit();
#endif
-#if defined(DLT_LINUX_SLL2) && defined(HAVE_PCAP_SET_DATALINK)
-/* Set default linktype DLT_LINUX_SLL2 when capturing on the "any" device */
- if (device != NULL &&
- strncmp (device, "any", strlen("any")) == 0
- && yflag_dlt == -1)
- yflag_dlt = DLT_LINUX_SLL2;
-#endif
-
switch (ndo->ndo_tflag) {
case 0: /* Default */
/* Run with '-Z root' to restore old behaviour */
if (!username)
username = WITH_USER;
+ else if (strcmp(username, "root") == 0)
+ username = NULL;
}
#endif
pcap_datalink_val_to_name(yflag_dlt));
(void)fflush(stderr);
}
+#if defined(DLT_LINUX_SLL2) && defined(HAVE_PCAP_SET_DATALINK)
+ else {
+ /*
+ * Attempt to set default linktype to
+ * DLT_LINUX_SLL2 when capturing on the
+ * "any" device.
+ *
+ * If the attempt fails, just quietly drive
+ * on; this may be a non-Linux "any" device
+ * that doesn't support DLT_LINUX_SLL2.
+ */
+ if (strcmp(device, "any") == 0)
+ (void) pcap_set_datalink(pd, DLT_LINUX_SLL2);
+ }
+#endif
i = pcap_snapshot(pd);
if (ndo->ndo_snaplen < i) {
if (ndo->ndo_snaplen != 0)
#else
cansandbox = (cansandbox && ndo->ndo_nflag);
#endif /* HAVE_CASPER */
+ cansandbox = (cansandbox && (pcap_fileno(pd) != -1 ||
+ RFileName != NULL));
+
if (cansandbox && cap_enter() < 0 && errno != ENOSYS)
error("unable to enter the capability mode");
#endif /* HAVE_CAPSICUM */
projects / tcpdump / blobdiff