diff options
| author | Gerald Combs <gerald@wireshark.org> | 2013-09-27 03:33:26 +0000 |
|---|---|---|
| committer | Gerald Combs <gerald@wireshark.org> | 2013-09-27 03:33:26 +0000 |
| commit | 4ddecad2baa69c043c44c30a54f3a89998982ace (patch) | |
| tree | 434526411aca84c024c6923b3bae28c33f9116d1 /packaging | |
| parent | 1662d89793a5dae3d8a23ada2759947909a4fe31 (diff) | |
Have ChmodBPF kludge^Wcreate as many BPF devices as possible at startup.
The welcome screen in the Qt port runs "dumpcap -S" to draw sparklines.
On OS X this means that it holds open a BPF device for each interface.
Trying to capture using another instance of Wireshark (or tcpdump, or
tshark, or...) will trigger the creation of an additional BPF device but
we won't have permission to use it. Forcing device creation at startup
works around this.
svn path=/trunk/; revision=52227
Diffstat (limited to 'packaging')
| -rwxr-xr-x | packaging/macosx/ChmodBPF/ChmodBPF | 32 |
1 files changed, 27 insertions, 5 deletions
diff --git a/packaging/macosx/ChmodBPF/ChmodBPF b/packaging/macosx/ChmodBPF/ChmodBPF index e89b587d67..3c1bc7fb73 100755 --- a/packaging/macosx/ChmodBPF/ChmodBPF +++ b/packaging/macosx/ChmodBPF/ChmodBPF @@ -1,18 +1,22 @@ -#! /bin/sh +#! /bin/bash # # $Id$ . /etc/rc.common + StartService () { # # Unfortunately, Mac OS X's devfs is based on the old FreeBSD # one, not the current one, so there's no way to configure it - # to create BPF devices with particular owners or groups. - # This startup item will make it owned by the admin group, - # with permissions rw-rw----, so that anybody in the admin - # group can use programs that capture or send raw packets. + # to create BPF devices with particular owners or groups. BPF + # devices on Mac OS X are also non-cloning, that is they can + # be created on demand at any time. This startup item will + # pre-create a number of BPF devices, then make them owned by + # the access_bpf group, with permissions rw-rw----, so that + # anybody in the access_bpf group can use programs that capture + # or send raw packets. # # Change this as appropriate for your site, e.g. to make # it owned by a particular user without changing the permissions, @@ -21,6 +25,24 @@ StartService () # only the super-user can send raw packets but anybody in the # admin group can capture packets. # + + # Pre-create BPF devices. Set to 0 to disable. + FORCE_CREATE_BPF_MAX=256 + + SYSCTL_MAX=$( sysctl -n debug.bpf_maxdevices ) + if [ "$FORCE_CREATE_BPF_MAX" -gt "$SYSCTL_MAX" ] ; then + FORCE_CREATE_BPF_MAX=$SYSCTL_MAX + fi + + syslog -s -l notice "ChmodBPF: Forcing creation and setting permissions for /dev/bpf*" + + CUR_DEV=0 + while [ "$CUR_DEV" -lt "$FORCE_CREATE_BPF_MAX" ] ; do + # Try to do the minimum necessary to trigger the next device. + read -n 0 < /dev/bpf$CUR_DEV > /dev/null 2>&1 + CUR_DEV=$(( $CUR_DEV + 1 )) + done + chgrp access_bpf /dev/bpf* chmod g+rw /dev/bpf* } |