diff --git a/src/runmode-pcap.c b/src/runmode-pcap.c
index 1e56bdacca..634d4e0e4e 100644
--- a/src/runmode-pcap.c
+++ b/src/runmode-pcap.c
@@ -93,6 +93,7 @@ void *ParsePcapConfig(const char *iface)
     char *tmpbpf;
     char *tmpctype;
     intmax_t value;
+    int promisc = 0;
 
     if (unlikely(aconf == NULL)) {
         return NULL;
@@ -209,6 +210,13 @@ void *ParsePcapConfig(const char *iface)
         }
     }
 
+    aconf->promisc = LIBPCAP_PROMISC;
+    if (ConfGetChildValueBoolWithDefault(if_root, if_default, "promisc", &promisc) != 1) {
+        SCLogDebug("could not get promisc or none specified");
+    } else {
+        aconf->promisc = promisc;
+    }
+
     return aconf;
 }
 
diff --git a/src/source-pcap.c b/src/source-pcap.c
index cb9dd03a37..2567b2c5d0 100644
--- a/src/source-pcap.c
+++ b/src/source-pcap.c
@@ -415,7 +415,8 @@ TmEcode ReceivePcapThreadInit(ThreadVars *tv, void *initdata, void **data) {
         }
     }
 
-    int pcap_set_promisc_r = pcap_set_promisc(ptv->pcap_handle,LIBPCAP_PROMISC);
+    /* set Promisc, and Timeout. Must be called before pcap_activate */
+    int pcap_set_promisc_r = pcap_set_promisc(ptv->pcap_handle, pcapconfig->promisc);
     //printf("ReceivePcapThreadInit: pcap_set_promisc(%p) returned %" PRId32 "\n", ptv->pcap_handle, pcap_set_promisc_r);
     if (pcap_set_promisc_r != 0) {
         SCLogError(SC_ERR_PCAP_SET_PROMISC, "Couldn't set promisc mode, error %s", pcap_geterr(ptv->pcap_handle));
diff --git a/src/source-pcap.h b/src/source-pcap.h
index 34e4cf3113..e3c3dbdb29 100644
--- a/src/source-pcap.h
+++ b/src/source-pcap.h
@@ -53,6 +53,8 @@ typedef struct PcapIfaceConfig_
     int threads;
     /* socket buffer size */
     int buffer_size;
+    /* promiscuous value */
+    int promisc;
     /* BPF filter */
     char *bpf_filter;
     ChecksumValidationMode checksum_mode;
diff --git a/suricata.yaml.in b/suricata.yaml.in
index c352d6305c..08e283a183 100644
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -709,6 +709,8 @@ pcap:
     # rings. In this case, set up the threads variable to N to start N threads
     # listening on the same interface.
     #threads: 16
+    # set to no to disable promiscuous mode:
+    #promisc: no
   # Put default values here
   - interface: default
     #checksum-checks: auto