[squid-users] Fwd: Squid/Ecap Adapter unable to open RAW Socket
Hello, icmp_sock = socket(PF_INET, SOCK_RAW, IPPROTO_ICMP); The above command works fine in squid. But if I run the same command in my eCap adapter I get an error. EPERM (Operation not permitted). Can you please help? Is this related the way dll are handled in linux. Thanks, Jatin
Re: [squid-users] Fwd: Squid/Ecap Adapter unable to open RAW Socket
On 6/05/2014 11:16 p.m., Jatin Bhasin wrote: Hello, icmp_sock = socket(PF_INET, SOCK_RAW, IPPROTO_ICMP); The above command works fine in squid. But if I run the same command in my eCap adapter I get an error. EPERM (Operation not permitted). Can you please help? Is this related the way dll are handled in linux. It is related to the application effective user permissions. The Squid helper program which that code is in requires to be run with root user privileges solely in order to do that. Whereas the main Squid binary running your eCAP library is operating under a protected / unprivileged user account when it processes HTTP traffic. Why are you trying to do ICMP from an eCAP adaptor? Amos
Re: [squid-users] Fwd: Squid/Ecap Adapter unable to open RAW Socket
Hello, Thanks for the response. I have to write an application where I have to send icmp pings when I receive certain data in my eCap adapter. But I am stuck at this issue and not able to move forward. I am running squid with cache_effective_user root. What else I would have to do to be able to open socket in my eCap adapter. Thanks, Jatin On Tue, May 6, 2014 at 9:22 PM, Amos Jeffries squ...@treenet.co.nz wrote: On 6/05/2014 11:16 p.m., Jatin Bhasin wrote: Hello, icmp_sock = socket(PF_INET, SOCK_RAW, IPPROTO_ICMP); The above command works fine in squid. But if I run the same command in my eCap adapter I get an error. EPERM (Operation not permitted). Can you please help? Is this related the way dll are handled in linux. It is related to the application effective user permissions. The Squid helper program which that code is in requires to be run with root user privileges solely in order to do that. Whereas the main Squid binary running your eCAP library is operating under a protected / unprivileged user account when it processes HTTP traffic. Why are you trying to do ICMP from an eCAP adaptor? Amos
Re: [squid-users] Fwd: Squid/Ecap Adapter unable to open RAW Socket
Thanks I was able to solve this issue by setting up effective user permissions. On Tue, May 6, 2014 at 9:22 PM, Amos Jeffries squ...@treenet.co.nz wrote: On 6/05/2014 11:16 p.m., Jatin Bhasin wrote: Hello, icmp_sock = socket(PF_INET, SOCK_RAW, IPPROTO_ICMP); The above command works fine in squid. But if I run the same command in my eCap adapter I get an error. EPERM (Operation not permitted). Can you please help? Is this related the way dll are handled in linux. It is related to the application effective user permissions. The Squid helper program which that code is in requires to be run with root user privileges solely in order to do that. Whereas the main Squid binary running your eCAP library is operating under a protected / unprivileged user account when it processes HTTP traffic. Why are you trying to do ICMP from an eCAP adaptor? Amos