That is right.  In order to get the packet from the firewall and
decide the packet's destiny, you must do it as root.

As far as the inline logging, I would have to look into it as well.
What version of honeywall are you using?

Rob

On 6/27/07, Patrick McCarty <[EMAIL PROTECTED]> wrote:

On Wed, Jun 27, 2007 at 03:44:24PM -0400, Earl wrote:
> I don't believe it can drop privs because it needs to be able to
> drop packets and do resets and other rootly stuff.  Rob/Patrick?

IIRC, it needs root privs because of the interface to the userspace libipq.

Otherwise, any non-priv process could accept, modify, or reject any packet that 
was sent to userspace from the iptables -j QUEUE target.

There may be other reasons as well, it's been a bit since I've looked at that 
particular piece.

-- patrick
_______________________________________________
Honeywall mailing list
[email protected]
https://public.honeynet.org/mailman/listinfo/honeywall
