Next you have got to add the following lines to /etc/security/capability.conf to grant these privileges to the developer/user myuser.

## add to file /etc/security/capability.conf
cap_net_admin myuser
cap_net_raw   myuser

If your application needs read/write access to raw network devices such as  /dev/net/tun, grant these privileges by adding the following line to the file /etc/udev/rules.d/50-udev.rules (assuming myuser is member of group admin)

## file /etc/udev/rules.d/50-udev.rules
KERNEL==”tun”,     NAME=”net/%k”,     GROUP=”users”, MODE=”0660″, OPTIONS+=”ignore_remove”

These take effect on next reboot. In the meantime do:
sudo chown root.admin /dev/net/tun
sudo chmod g+w /dev/net/tun

Now your application has the required permissions to execute privileged network operations. Now you have got to integrate the setcap invocation into the Makefile build process. Add the following line to your make-rule:

## Makefile rule
myapp:  $(APPLIBS) main.o
     $(CC) $(CFLAGS) $(LDFLAGS)  -o myapp main.o $(APPLIBS)
     sudo setcap cap_net_admin,cap_net_raw=eip /home/myuser/workspace/proj/bin/myapp

To avoid that sudo request the password, we add the following line to the very end of the file /etc/sudoers, replace myuser by the user-name of the developer.

## Add as last line of config file /etc/sudoers
myuser ALL = (ALL) NOPASSWD: /sbin/setcap, (ALL) NOPASSWD: /sbin/ifconfig

You will notice that we grant access as well to /sbin/ifconfig. This will allow our application to invoke ifconfig commands from within application to create the required network interfaces.

Finally very that the capabilities are configured for the freshly built binary. And you should see the capabilities are the one you set before.

## Execute in console:
sudo getcap myapp

Now you are done. You should be able to execute your application with normal user permissions from within Eclipse, and invoke privileged network operations.