"In any case, it would be nice if ettercap would warn before disabling packet forwarding, and also by default restore the forwarding setting upon exit. Doing so would avoid the awkward situation that engendered this bug report."
This should be fixed in the development release, unfortunately it still needs LOT of testing before of a new release. The problem was in the "restore" code. Ettercap was starting, tweak ip forward, dropping its privileges, doing the good/bad stuff, trying to restore ip forward (but without enough privileges) -> fail. Now instead of setuid we use seteuid, that should give us the possibility to become root again (and seems working so far). reference: https://github.com/Ettercap/ettercap/blob/master/src/ec_utils.c (regain_privs function) So the restoration code should work now. Unfortunately there are some issues about an incorret ip-forward ssl rule reported, that might be related to this "regain/drop_privs" functions https://github.com/Ettercap/ettercap/issues/465 So hopefully the next release will close this "issue" aswell. Cheers, Gianfranco
