-#! /bin/sh
+#! /bin/bash
#
# $Id$
. /etc/rc.common
+
StartService ()
{
#
# Unfortunately, Mac OS X's devfs is based on the old FreeBSD
# one, not the current one, so there's no way to configure it
- # to create BPF devices with particular owners or groups.
- # This startup item will make it owned by the admin group,
- # with permissions rw-rw----, so that anybody in the admin
- # group can use programs that capture or send raw packets.
+ # to create BPF devices with particular owners or groups. BPF
+ # devices on Mac OS X are also non-cloning, that is they can
+ # be created on demand at any time. This startup item will
+ # pre-create a number of BPF devices, then make them owned by
+ # the access_bpf group, with permissions rw-rw----, so that
+ # anybody in the access_bpf group can use programs that capture
+ # or send raw packets.
#
# Change this as appropriate for your site, e.g. to make
# it owned by a particular user without changing the permissions,
# only the super-user can send raw packets but anybody in the
# admin group can capture packets.
#
+
+ # Pre-create BPF devices. Set to 0 to disable.
+ FORCE_CREATE_BPF_MAX=256
+
+ SYSCTL_MAX=$( sysctl -n debug.bpf_maxdevices )
+ if [ "$FORCE_CREATE_BPF_MAX" -gt "$SYSCTL_MAX" ] ; then
+ FORCE_CREATE_BPF_MAX=$SYSCTL_MAX
+ fi
+
+ syslog -s -l notice "ChmodBPF: Forcing creation and setting permissions for /dev/bpf*"
+
+ CUR_DEV=0
+ while [ "$CUR_DEV" -lt "$FORCE_CREATE_BPF_MAX" ] ; do
+ # Try to do the minimum necessary to trigger the next device.
+ read -n 0 < /dev/bpf$CUR_DEV > /dev/null 2>&1
+ CUR_DEV=$(( $CUR_DEV + 1 ))
+ done
+
chgrp access_bpf /dev/bpf*
chmod g+rw /dev/bpf*
}
git.samba.org / jelmer / wireshark.git / commitdiff