Promiscuous ports under Linux
Peter Pearson
pkpearson at nowhere.invalid
Thu May 4 00:05:14 EDT 2017
On Wed, 3 May 2017 18:09:08 -0700, Rob Gaddi wrote:
> On 05/03/2017 04:57 PM, Peter Pearson wrote:
>> Cobbling together a minimalist ethernet-sniffing program, I was hoping
>> to use this simple mechanism for setting the socket to "promiscuous
>> mode" (to see all traffic going past, instead of just traffic addressed
>> to my machine):
>>
>> s.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)
>>
>> Unfortunately, it seems that that mechanism is available under Windows
>> but not under Linux. Googling around for Linux equivalents, I found
>> only very contorted solutions, and concluded that maybe this lacuna
>> persists because Linux users find it convenient to invoke promiscuous
>> mode from the command line, instead:
>>
>> $ sudo ip link set eth0 promisc on
>> $ netstat -i # (Verify that the P flag is set.)
>>
>> This somehow fails: my sniffer continues to see only broadcasts,
>> but if I run dumpcap at the same time, dumpcap captures lots of traffic.
>>
>> So my question is now two questions:
>>
>> . Is it true that going permiscuous under Linux must be somewhat ugly?
>> (It's OK if it is, I'll just copy the ugly code and get moving again.)
>>
>> . Why doesn't the command-line "promisc on" work? (Granted, this is
>> maybe a Linux question.)
>>
>> Thanks.
>>
>
> Tried running it as root?
Good question; I should have mentioned: Yes:
$ sudo python3 sniff_survey.py
--
To email me, substitute nowhere->runbox, invalid->com.
More information about the Python-list
mailing list