From 3822f116c6925b9859e6903e554d29470c025981 Mon Sep 17 00:00:00 2001
From: Eric Leblond <eric@regit.org>
Date: Sun, 30 Oct 2011 21:54:22 +0100
Subject: [PATCH] Add AF_PACKET to capability system.

This patch adds the necessary code to have AF_PACKET using
the same capability dropping mechanism as pcap. This should
fix #361.
---
 src/util-privs.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/src/util-privs.c b/src/util-privs.c
index b7429b5..920a6d4 100644
--- a/src/util-privs.c
+++ b/src/util-privs.c
@@ -74,7 +74,7 @@ void SCDropMainThreadCaps(uint32_t userid, uint32_t groupid)
                       CAP_NET_RAW,            /* needed for pcap live mode */
                       CAP_NET_ADMIN,          /* needed for nfqueue inline mode */
                       -1);
-    } else if (run_mode == RUNMODE_PCAP_DEV) {
+    } else if (run_mode == RUNMODE_PCAP_DEV || run_mode == RUNMODE_AFP_DEV) {
         capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
                       CAP_NET_RAW,            /* needed for pcap live mode */
                       -1);
-- 
1.7.7.1