v5 pip - interceptor in sniff mode permissions question
78 views
Skip to first unread message
vince
Mar 20, 2024, 3:46:33 PM3/20/24
to weewx-user
I'm fiddling around trying to learn interceptor and how to set it up for v5 and have it at least listening without errors as user 'pi' as long as I'm listening on an unprivileged port.
But 'sniff' mode requires being able to get into promiscuous mode it seems and then I'm hitting permission issues. I use the 'pip' installation for weewx but I'd expect the dpkg would have the same issues since weewx now runs unprivileged.
I did find some cryptic google hits suggesting that I can give the python interpreter permission to do so ala "sudo setcap cap_net_raw+eip /usr/bin/python3.11" which seems to permit weewxd to sniff for packets, but that seems like a security risk isn't it ?
Is there a preferred way to get the unprivileged weewxd user the ability to sniff for packets if you have to run interceptor in that mode ???
My pip3 list includes:
Package Version
---------- -----------
libpcap 1.11.0b8
pypcap 1.3.0
---------- -----------
libpcap 1.11.0b8
pypcap 1.3.0
(others omitted for brevity)
My Interceptor stanza looks like:
[Interceptor]
# This section is for the network traffic interceptor driver.
# The driver to use:
driver = user.interceptor
# Specify the hardware device to capture. Options include:
# acurite-bridge - acurite internet bridge, smarthub, or access
# observer - fine offset WH2600/HP1000/HP1003, ambient WS2902
# lw30x - oregon scientific LW301/LW302
# lacrosse-bridge - lacrosse GW1000U/C84612 internet bridge
# ecowitt-client - any hardware that uses the ecowitt protocol
# wu-client - any hardware that uses the weather underground protocol
device_type = ecowitt-client
iface = wlan0
# listen
# mode = listen
# port = 8000
# or sniff
mode = sniff
pcap_filter = src 192.168.1.201 and dst port 8001
# This section is for the network traffic interceptor driver.
# The driver to use:
driver = user.interceptor
# Specify the hardware device to capture. Options include:
# acurite-bridge - acurite internet bridge, smarthub, or access
# observer - fine offset WH2600/HP1000/HP1003, ambient WS2902
# lw30x - oregon scientific LW301/LW302
# lacrosse-bridge - lacrosse GW1000U/C84612 internet bridge
# ecowitt-client - any hardware that uses the ecowitt protocol
# wu-client - any hardware that uses the weather underground protocol
device_type = ecowitt-client
iface = wlan0
# listen
# mode = listen
# port = 8000
# or sniff
mode = sniff
pcap_filter = src 192.168.1.201 and dst port 8001
John Smith
Mar 20, 2024, 9:20:58 PM3/20/24
to weewx...@googlegroups.com
I dont know why weewx isnt started as root and once up and running drop privledges. Itd solve a number of these issues.
--
You received this message because you are subscribed to the Google Groups "weewx-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to weewx-user+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/weewx-user/38403d42-3bb5-4003-9786-308c39309ec9n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages