summaryrefslogtreecommitdiffstats
path: root/src/capabilities.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/capabilities.c')
-rw-r--r--src/capabilities.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/capabilities.c b/src/capabilities.c
index f72b7f9..5e02df3 100644
--- a/src/capabilities.c
+++ b/src/capabilities.c
@@ -76,7 +76,13 @@ static void try_cap(cap_value_t cap) {
/** Returns true if CAP_NET_ADMIN should be retained */
static bool need_cap_net_admin(void) {
- return !fastd_config_persistent_ifaces() && conf.drop_caps != DROP_CAPS_FORCE;
+ if (!fastd_config_persistent_ifaces() && conf.drop_caps != DROP_CAPS_FORCE)
+ return true;
+
+ if (!(ctx.sock_default_v4 || ctx.sock_default_v6) && conf.packet_mark)
+ return true;
+
+ return false;
}
/** Returns true if CAP_NET_RAW should be retained */
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 00:36:35 +0100