allow-hotplug ens6f1 iface ens6f1 inet manual up ifconfig $IFACE -arp up up ip link set $IFACE promisc on down ip link set $IFACE promisc off down ifconfig $IFACE down post-up for i in rx tx sg tso ufo gso gro lro; do ethtool -K $IFACE $i off; doneNicely lifted from https://github.com/Security-Onion-Solutions/security-onion/wiki/NetworkConfiguration
you can also configure to start tcpdump in post-up
post-up for i in rx tx sg tso ufo gso gro lro; do ethtool -K $IFACE $i off; done; tcpdump -n -i $IFACE -w /var/tmp/trace -C100 -W 999Linux un-numbered interfaces for Packet Capture
- Juniper, Fortigate Cheat Sheet
- Meltdown, Spectre, Virtual loads and Security