twisterarmy/dnsseeder
1
0
Fork 0
mirror of https://github.com/twisterarmy/dnsseeder.git synced 2025-08-26 05:31:56 +00:00
Code Issues Projects Releases Wiki Activity

Document setcap

Browse Source
This commit is contained in:
Jeremy Rand 2021-10-02 17:14:15 +00:00
parent 68553f9c51
commit 372e682ba8
No known key found for this signature in database
GPG Key ID: EB03139A459DD06E
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
README.md
View File

@ -91,7 +91,9 @@ ${HOME}/go/bin/dnsseeder -p <dns.port.to.listen.on> -v -w 8880 -netfile ${1} 2>&
## RUNNING AS NON-ROOT
Typically, you'll need root privileges to listen to port 53 (name service).
Typically, you'll need root privileges to listen to port 53 (name service). Some potential solutions:
### iptables
One solution is using an iptables rule (Linux only) to redirect it to
a non-privileged port:
@ -101,6 +103,11 @@ $ iptables -t nat -A PREROUTING -p udp --dport 53 -j REDIRECT --to-port 5353
If properly configured, this will allow you to run dnsseeder in userspace, using
the -p 5353 option.
### setcap
On Linux, another solution is running the following command to authorize dnsseeder to bind to privileged ports.
$ sudo setcap 'cap_net_bind_service=+ep' ${HOME}/go/bin/dnsseeder
## License