tcpdump: permission denied

Fix the tcpdump permission denied error by running with root privileges or adding CAP_NET_RAW capability.

tcpdump: permission denied
When tcpdump Produces This Error
What Causes Permission Denied in tcpdump
How to Fix Permission Denied in tcpdump
How to Verify the Fix

tcpdump: permission denied

tcpdump requires root privileges or the CAP_NET_RAW capability to capture packets on a network interface.

When tcpdump Produces This Error

tcpdump displays tcpdump: eth0: You don't have permission to capture on that device or Operation not permitted when run by a non-root user.

What Causes Permission Denied in tcpdump

Packet capture requires raw socket access, which is restricted to root on Linux. Non-root users cannot open network interfaces for promiscuous capture.

How to Fix Permission Denied in tcpdump

Run tcpdump with sudo:
```
sudo tcpdump -i eth0
```
Or grant the CAP_NET_RAW capability to the tcpdump binary so non-root users can capture:
```
sudo setcap cap_net_raw=eip /usr/bin/tcpdump
```

How to Verify the Fix

tcpdump should start capturing without errors:

tcpdump -i eth0 -c 5