To debug a problem I’m working on, I need to be able to see network traffic on an interface inside a linux-vserver guest. To do this, you have to enable the CAP_NET_RAW capability for that guest.
> echo "NET_RAW" >> /etc/vservers/myserver/bcapabilities
Then just restart the vserver.
I noticed you don’t have to enable NET_ADMIN, or unhide the interfaces. I’m not sure if there is much of a security risk on having NET_RAW enabled or not. You can always disable and restart after you’re done with tcpdump.
Categories
Tags
- aiglx
- ajax
- Apple Mail
- ati
- blogging
- C
- compiz
- cy7c68013a
- cypress
- design
- ebuild
- emerge
- extension
- finance
- fx2
- fx2lib
- gentoo
- git
- gmail
- image upload
- internet
- javascript
- linux
- money
- OS X
- performance
- plugins
- python
- rich text editor
- rte
- scalability
- scm
- source code
- source control
- sysadmin
- turbogears
- ui
- upgrade
- virtual python
- Web
- wordpress
- wp-cache
- xorg
- yui
-
- My Tweets
