Quick Primer: kernel flags
Reviewing set kernel flags will allow you to easily determine many settings that are in use at run time for devices in /sys/class.
For instance, to determine if a network interface is in promiscuous mode:
Find the flag that sets promiscuous mode:
cat /usr/src/kernels/$(uname -r)/include/linux/if.h | grep -i promisc
Then take a look at the flag of the interface (network device):
If the flag is set to 0x1103 then it is in promiscuous mode.
To find out what the 0x003 value means, review /usr/src/kernels/$(uname -r)/include/linux/if.h:
cat /usr/src/kernels/$(uname -r)/include/linux/if.h | grep define | less
“But, Matt, it looks like 0x100 has two definitions?” you might think. If you take a look at the contents of the source file, you will see that there are two scopes of these constants/flags: “Standard interface flags (netdevice->flags)” and “Private (from user) interface flags (netdevice->priv_flags).”
The author of Samhain has a very detailed article of other solutions to determine promiscuous mode, which may be able to translate over the other device kernel flags.