Using tcpdump on a linux-vserver guest

Posted in October 11th, 2007

To debug a problem I'm working on, I need to be able to see network traffic on an interface inside a linux-vserver guest. To do this, you have to enable the CAP_NET_RAW capability for that guest.
> echo "NET_RAW" >> /etc/vservers/myserver/bcapabilities
Then just restart the vserver.
I noticed you don't have to enable NET_ADMIN, or unhide the interfaces. I'm not sure if there is much of a security risk on having NET_RAW enabled or not. You can always disable and restart after you're done with tcpdump.

1 user commented in " Using tcpdump on a linux-vserver guest "

Follow-up comment rss or Leave a Trackback

Brutellio said,

in July 7th, 2008 at 4:30 am

Hello. I enjoyed reading your website.
Have a wonderful day and keep up the good work.
Brutellio.

About

I frequently encounter new technologies and challenges as I play with, work with, and otherwise use computers. AllMyBrain.com is my place to store what I learn on a day to day basis. I'll be able to come back in the future and see what I was thinking. In the mean time, hopefully others will benefit too.

Some of the content on this site is sponsored by 3rd parties. If you're interested just contact me.

M	T	W	T	F	S	S
« Sep				Nov »
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31

Using tcpdump on a linux-vserver guest

1 user commented in " Using tcpdump on a linux-vserver guest "

Leave A Reply

About

Friends

More about me

Sites I created

Sites I visit

Recent Comments

Categories

Subscribe

Tags

Archives