akostrikov/cap.sh

## cap.sh
# Можно без capabilities пинговать
akostrikov@DESKTOP-2F6SIC8:~$ sudo setcap cap_net_raw=-ep /usr/bin/ping
[sudo] password for akostrikov:
akostrikov@DESKTOP-2F6SIC8:~$ getcap /usr/bin/ping
/usr/bin/ping =

# Причем пинг идёт с ICMP
akostrikov@DESKTOP-2F6SIC8:~$ sudo tcpdump -i any host 1.1.1.1 &
[1] 684
akostrikov@DESKTOP-2F6SIC8:~$ tcpdump: data link type LINUX_SLL2
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes

akostrikov@DESKTOP-2F6SIC8:~$ ping 1.1.1.1 -c1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=49 time=25.3 ms

--- 1.1.1.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 25.272/25.272/25.272/0.000 ms
akostrikov@DESKTOP-2F6SIC8:~$ 16:41:26.762637 eth0  Out IP 172.29.209.78 > one.one.one.one: ICMP echo request, id 2, seq 1, length 64
16:41:26.787892 eth0  In  IP one.one.one.one > 172.29.209.78: ICMP echo reply, id 2, seq 1, length 64


# Работает с помощью ping_group_range
akostrikov@DESKTOP-2F6SIC8:~$ sudo sysctl net.ipv4.ping_group_range
net.ipv4.ping_group_range = 0   2147483647
# Отключаем
akostrikov@DESKTOP-2F6SIC8:~$ sudo sysctl "net.ipv4.ping_group_range=1 0"
net.ipv4.ping_group_range = 1 0
akostrikov@DESKTOP-2F6SIC8:~$ ping 1.1.1.1 -c1
akostrikov@DESKTOP-2F6SIC8:~$ sudo tcpdump -i any host 1.1.1.1 &
[2] 1095
akostrikov@DESKTOP-2F6SIC8:~$ tcpdump: data link type LINUX_SLL2
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes

# Ничего не видно
akostrikov@DESKTOP-2F6SIC8:~$ ping 1.1.1.1 -c1
akostrikov@DESKTOP-2F6SIC8:~$
akostrikov@DESKTOP-2F6SIC8:~$ fg
sudo tcpdump -i any host 1.1.1.1
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
akostrikov@DESKTOP-2F6SIC8:~$ sudo sysctl "net.ipv4.ping_group_range=1 2147483647"
net.ipv4.ping_group_range = 1 2147483647

akostrikov@DESKTOP-2F6SIC8:~$ sudo tcpdump -i any host 1.1.1.1 &
[2] 1197
akostrikov@DESKTOP-2F6SIC8:~$ tcpdump: data link type LINUX_SLL2
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes

# Теперь видим ICMP пакеты
akostrikov@DESKTOP-2F6SIC8:~$ ping 1.1.1.1 -c1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=49 time=23.6 ms

--- 1.1.1.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 23.643/23.643/23.643/0.000 ms
akostrikov@DESKTOP-2F6SIC8:~$ 16:43:26.646968 eth0  Out IP 172.29.209.78 > one.one.one.one: ICMP echo request, id 3, seq 1, length 64
16:43:26.670593 eth0  In  IP one.one.one.one > 172.29.209.78: ICMP echo reply, id 3, seq 1, length 64
akostrikov@DESKTOP-2F6SIC8:~$ sudo setcap cap_net_raw=+ep /usr/bin/ping
akostrikov@DESKTOP-2F6SIC8:~$ sudo sysctl "net.ipv4.ping_group_range=1 0"
net.ipv4.ping_group_range = 1 0
akostrikov@DESKTOP-2F6SIC8:~$ ping 1.1.1.1 -c1
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
64 bytes from 1.1.1.1: icmp_seq=1 ttl=49 time=23.7 ms

--- 1.1.1.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 23.727/23.727/23.727/0.000 ms
akostrikov@DESKTOP-2F6SIC8:~$ 16:44:08.397165 eth0  Out IP 172.29.209.78 > one.one.one.one: ICMP echo request, id 42818, seq 1, length 64
16:44:08.420874 eth0  In  IP one.one.one.one > 172.29.209.78: ICMP echo reply, id 42818, seq 1, length 64

akostrikov@DESKTOP-2F6SIC8:~$ fg
sudo tcpdump -i any host 1.1.1.1
^C
4 packets captured
4 packets received by filter
0 packets dropped by kernel
akostrikov@DESKTOP-2F6SIC8:~$ sudo sysctl "net.ipv4.ping_group_range=1 2147483647"
net.ipv4.ping_group_range = 1 2147483647
	# Можно без capabilities пинговать
	akostrikov@DESKTOP-2F6SIC8:~$ sudo setcap cap_net_raw=-ep /usr/bin/ping
	[sudo] password for akostrikov:
	akostrikov@DESKTOP-2F6SIC8:~$ getcap /usr/bin/ping
	/usr/bin/ping =

	# Причем пинг идёт с ICMP
	akostrikov@DESKTOP-2F6SIC8:~$ sudo tcpdump -i any host 1.1.1.1 &
	[1] 684
	akostrikov@DESKTOP-2F6SIC8:~$ tcpdump: data link type LINUX_SLL2
	tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
	listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes

	akostrikov@DESKTOP-2F6SIC8:~$ ping 1.1.1.1 -c1
	PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
	64 bytes from 1.1.1.1: icmp_seq=1 ttl=49 time=25.3 ms

	--- 1.1.1.1 ping statistics ---
	1 packets transmitted, 1 received, 0% packet loss, time 0ms
	rtt min/avg/max/mdev = 25.272/25.272/25.272/0.000 ms
	akostrikov@DESKTOP-2F6SIC8:~$ 16:41:26.762637 eth0 Out IP 172.29.209.78 > one.one.one.one: ICMP echo request, id 2, seq 1, length 64
	16:41:26.787892 eth0 In IP one.one.one.one > 172.29.209.78: ICMP echo reply, id 2, seq 1, length 64


	# Работает с помощью ping_group_range
	akostrikov@DESKTOP-2F6SIC8:~$ sudo sysctl net.ipv4.ping_group_range
	net.ipv4.ping_group_range = 0 2147483647
	# Отключаем
	akostrikov@DESKTOP-2F6SIC8:~$ sudo sysctl "net.ipv4.ping_group_range=1 0"
	net.ipv4.ping_group_range = 1 0
	akostrikov@DESKTOP-2F6SIC8:~$ ping 1.1.1.1 -c1
	akostrikov@DESKTOP-2F6SIC8:~$ sudo tcpdump -i any host 1.1.1.1 &
	[2] 1095
	akostrikov@DESKTOP-2F6SIC8:~$ tcpdump: data link type LINUX_SLL2
	tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
	listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes

	# Ничего не видно
	akostrikov@DESKTOP-2F6SIC8:~$ ping 1.1.1.1 -c1
	akostrikov@DESKTOP-2F6SIC8:~$
	akostrikov@DESKTOP-2F6SIC8:~$ fg
	sudo tcpdump -i any host 1.1.1.1
	^C
	0 packets captured
	0 packets received by filter
	0 packets dropped by kernel
	akostrikov@DESKTOP-2F6SIC8:~$ sudo sysctl "net.ipv4.ping_group_range=1 2147483647"
	net.ipv4.ping_group_range = 1 2147483647

	akostrikov@DESKTOP-2F6SIC8:~$ sudo tcpdump -i any host 1.1.1.1 &
	[2] 1197
	akostrikov@DESKTOP-2F6SIC8:~$ tcpdump: data link type LINUX_SLL2
	tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
	listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes

	# Теперь видим ICMP пакеты
	akostrikov@DESKTOP-2F6SIC8:~$ ping 1.1.1.1 -c1
	PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
	64 bytes from 1.1.1.1: icmp_seq=1 ttl=49 time=23.6 ms

	--- 1.1.1.1 ping statistics ---
	1 packets transmitted, 1 received, 0% packet loss, time 0ms
	rtt min/avg/max/mdev = 23.643/23.643/23.643/0.000 ms
	akostrikov@DESKTOP-2F6SIC8:~$ 16:43:26.646968 eth0 Out IP 172.29.209.78 > one.one.one.one: ICMP echo request, id 3, seq 1, length 64
	16:43:26.670593 eth0 In IP one.one.one.one > 172.29.209.78: ICMP echo reply, id 3, seq 1, length 64
	akostrikov@DESKTOP-2F6SIC8:~$ sudo setcap cap_net_raw=+ep /usr/bin/ping
	akostrikov@DESKTOP-2F6SIC8:~$ sudo sysctl "net.ipv4.ping_group_range=1 0"
	net.ipv4.ping_group_range = 1 0
	akostrikov@DESKTOP-2F6SIC8:~$ ping 1.1.1.1 -c1
	PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
	64 bytes from 1.1.1.1: icmp_seq=1 ttl=49 time=23.7 ms

	--- 1.1.1.1 ping statistics ---
	1 packets transmitted, 1 received, 0% packet loss, time 0ms
	rtt min/avg/max/mdev = 23.727/23.727/23.727/0.000 ms
	akostrikov@DESKTOP-2F6SIC8:~$ 16:44:08.397165 eth0 Out IP 172.29.209.78 > one.one.one.one: ICMP echo request, id 42818, seq 1, length 64
	16:44:08.420874 eth0 In IP one.one.one.one > 172.29.209.78: ICMP echo reply, id 42818, seq 1, length 64

	akostrikov@DESKTOP-2F6SIC8:~$ fg
	sudo tcpdump -i any host 1.1.1.1
	^C
	4 packets captured
	4 packets received by filter
	0 packets dropped by kernel
	akostrikov@DESKTOP-2F6SIC8:~$ sudo sysctl "net.ipv4.ping_group_range=1 2147483647"
	net.ipv4.ping_group_range = 1 2147483647