I've been experiencing issues with running host-sflow on Linux in combination with privilege dropping enabled. Sometimes (but often enough) hsflowd will refuse to start because it is unable to open some of the interfaces.
I've modified the code to log the actual PCAP error:
This results in the following errors, when it fails:
Nov 29 15:16:43 localhost user.err hsflowd: PCAP: device eth2 open failed: eth2: You don't have permission to capture on that device (socket: Operation not permitted)
Nov 29 15:16:43 localhost user.err hsflowd: PCAP: device eth3 open failed: eth3: You don't have permission to capture on that device (socket: Operation not permitted)
Restarting the host-sflow service in a loop will eventually result in success, so this must be a race condition somewhere.
I've been experiencing issues with running host-sflow on Linux in combination with privilege dropping enabled. Sometimes (but often enough) hsflowd will refuse to start because it is unable to open some of the interfaces.
I've modified the code to log the actual PCAP error:
This results in the following errors, when it fails:
Restarting the host-sflow service in a loop will eventually result in success, so this must be a race condition somewhere.