IPTABLE rules to get all network packets in promisc mode [closed]

Question

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.

---

This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.

Closed 8 years ago.

Improve this question

I am running Ubuntu on my machine and want to write some sniffer scripts. But I am getting packets related to my NIC only even if I run my Interface in promisc mode. Is there any IPTABLE rules that i need to put on so that i can get entrie packets on the network?? Please help. I am using python for everything i am doing , if it helps

Answer 1

In a modern switched network, you system is in general only going to see two kinds of traffic: unicast traffic explicitly directed to your system and broadcast traffic that is visible to all systems. Nothing you can do in your code will make other traffic on the network visible to you. Enabling promiscuous mode on your interfaces in this situation is going to net you very little additional traffic.

This is less true in a network with a shared bus -- such as WifI, or back in the old days when we used hubs instead of switches.

Netfilter -- the Linux firewall you manipulate with the iptables command -- really only operates on the layer 3 (ip) level, and isn't going to affect what traffic is visible to your interface.