Currently I’m writing a small project that views the local bandwidth. I installed the package and implemented the code that’s available on the pcap4j site just to try it out like so:
import org.pcap4j.core.*; import org.pcap4j.core.PcapNetworkInterface.PromiscuousMode; import org.pcap4j.packet.IpV4Packet; import org.pcap4j.packet.Packet; import java.io.EOFException; import java.lang.*; import java.net.*; import java.util.concurrent.TimeoutException; public class BandwidthViewer { public static void main(String[] args) throws UnknownHostException, PcapNativeException, EOFException, TimeoutException, NotOpenException { InetAddress addr = InetAddress.getByName("192.168.1.8"); PcapNetworkInterface nif = Pcaps.getDevByAddress(addr); int snapLen = 65536; PromiscuousMode mode = PromiscuousMode.PROMISCUOUS; int timeout = 10; PcapHandle handle = nif.openLive(snapLen, mode, timeout); Packet packet = handle.getNextPacketEx(); handle.close(); IpV4Packet ipV4Packet = packet.get(IpV4Packet.class); Inet4Address srcAddr = ipV4Packet.getHeader().getSrcAddr(); System.out.println(srcAddr); } }
Once run I get this error:
/usr/lib/jvm/java-11-openjdk/bin/java -javaagent:/usr/share/idea/lib/idea_rt.jar=46685:/usr/share/idea/bin -Dfile.encoding=UTF-8 -classpath /home/ivan/mdrive/Projects/IdeaProjects/BandwidthViewer/target/classes:/home/ivan/.m2/repository/org/pcap4j/pcap4j-core/2.0.0-alpha.6/pcap4j-core-2.0.0-alpha.6.jar:/home/ivan/.m2/repository/org/slf4j/slf4j-api/1.7.26/slf4j-api-1.7.26.jar:/home/ivan/.m2/repository/net/java/dev/jna/jna/5.3.1/jna-5.3.1.jar:/home/ivan/.m2/repository/org/pcap4j/pcap4j-packetfactory-static/2.0.0-alpha.6/pcap4j-packetfactory-static-2.0.0-alpha.6.jar BandwidthViewer SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder". SLF4J: Defaulting to no-operation (NOP) logger implementation SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details. Exception in thread "main" org.pcap4j.core.PcapNativeException: enp3s0: You don't have permission to capture on that device (socket: Operation not permitted) at org.pcap4j.core.PcapNetworkInterface.openLive(PcapNetworkInterface.java:238) at BandwidthViewer.main(BandwidthViewer.java:19) Process finished with exit code 1
It makes sense that I can sniff any packets since I’m running it as a non-root user. I tried to fix this by using a solution like this but ultimately it didn’t work. I know this should be possible, since programs like Wireshark also need you to log in as a root user in order to look at all the packets. Does anybody know what can fix this? Obviously I could run my IDE as root but that just seems unnecessary. I’m running this on Manjaro Linux.
Advertisement
Answer
I fixed it. After further investigation I figured out that the file I was trying to add permissions to was within my java-8-openjdk
folder, but my project uses java-11-openjdk
. So I set the permissions for the correct executable and it now works. Changing the permissions can be done by logging in as root in a terminal and executing: setcap cap_net_raw,cap_net_admin=eip /path/to/java