[CoLoCo] Multiple Network Interfaces, one card?

Neal McBurnett neal at bcn.boulder.co.us
Wed Sep 5 07:01:47 BST 2007 

On Tue, Sep 04, 2007 at 11:11:50PM -0600, NICK VERBECK wrote:
> Ok I've been doing some investigating into how to do the whole this
> packet goes though this interface and this one goes thought a
> different packet. From what its looking your going to have a lot of
> fun. You will pretty much need to have an intermediary that takes
> packets from FireFox for example. Inspects the packets to see what
> type they are to figure out what interface they need to go thought.
> That intermediary then needs to talk to the Operating Systems
> Networking stack and tell it that this packet should go though its
> selected device.

I think it would be a lot easier than that for the web.  Though again,
we need to know which apps you want to play with, and asking the tor
folks is your best bet.  I bet there are howtos etc.

But if you want to e.g. just use tor for certain web sites, you should
be able to configure firefox to use a particular proxy (e.g. a squid
proxy running on your gateway machine) for use just when going to
those sites.  Then configure that squid proxy to use the tor network.
Back in the '90s at work when we wanted to proxy connections to the
outside world, but not to intranet sites, we set up a "proxy.pac" file
for netscape, and firefox still supports it.

Some useful tips seem to be on this page that a quick google search
found, though I haven't looked at it enough to know if they know what
they're talking about.  But privoxy is another option for some use
cases.

 http://tools.rosinstrument.com/proxy/howto.htm

and perhaps this page also:

 http://wiki.noreply.org/noreply/TheOnionRouter/TransparentProxy

-Neal

> Pretty much all in all not an easy task. If your good with Python and
> understand the whole networking aspect of thing you may check out
> Scapy (http://www.secdev.org/projects/scapy/) . A low level python
> network protocol framework. It was referred to me by a staff member as
> being a suggestion for using.
> 
> As for the Mac and IP address things you should be able to achieve
> this with just ifconfig and the man pages. All though WiFi most likely
> will not work. As the antana can only support 1 connection.
> 
> On 8/31/07, Neal McBurnett <neal at bcn.boulder.co.us> wrote:
> > This helps a lot.  I bet tor can be slow for all your traffic....
> > My guess is that other tor users have tried to do similar things.
> > Getting the apps to clue in the network is the hard part.
> >
> > So assuming you have a laptop, connected via wireless to a router,
> > which is connected to the isp.  Perhaps your router can be smart about
> > which packets to send where, based on hints from the clients.
> > E.g. your idea of using a virtual machine, which would have
> > its own IP address, and the router could send all traffic from
> > that IP thru tor, but leave stuff from the main IP address to
> > go thru the normal default route.
> >
> > I haven't looked in a while, but it may be that some applications have
> > options which can set QoS priority bits certain ways on the packets,
> > which the router could again notice and act on.  See Differentiated
> > Services (DiffServ), RFC 2474.  Or your idea of sending some traffic
> > to a socks proxy on the router which could route them on to tor.
> >
> > Which applications do you want to route thru tor?
> >
> > -Neal
> >
> > On Fri, Aug 31, 2007 at 11:39:20AM -0400, Ringo Kamens wrote:
> > > The reason I want to do this is so that I can use two identities at
> > > once on a wireless network; an anonymous one and a non-anonymous one.
> > > On one interface (and therefore different IP/MAC) I have my
> > > non-anonymous traffic such as reading news, etc. On the other
> > > interface (different IP/MAC) I have anonymous traffic that is routed
> > > through tor (tor.eff.org). Both go through the same default gateway
> > > and communicate the same way. I've wanted to design a system for doing
> > > this for a while, and I think I now have most of the expertise needed
> > > to do it. But I'm not exactly sure how to choose where traffic from a
> > > particular program goes (which is why I'm thinking about making any
> > > "anonymous" traffic come from a virtual machine that can only see one
> > > interface.
> > > Comrade Ringo Kamens
> > >
> > > On 8/31/07, Neal McBurnett <neal at bcn.boulder.co.us> wrote:
> > > > It would help to know what your end goal is.  Why do you care which
> > > > interface is used?  What other endpoints are you trying to communicate
> > > > with?  Are you just playing with understanding interfaces?  Separating
> > > > traffic for some particular reason?  Curiosity about routing?  There
> > > > are lots and lots of techniques to play with networks and routing and
> > > > making up packets etc etc.  But we'll just stay tied up in
> > > > nomenclature until we get a "use case" to chew on - a problem to
> > > > solve.
> > > >
> > > > -Neal
> > > >
> > > > On Fri, Aug 31, 2007 at 10:39:33AM -0400, Ringo Kamens wrote:
> > > > > Ok, so how would I get the system to route a particular programs
> > > > > traffic to a particular interface if they both get to the internet.
> > > > > One idea would be to run a small socks proxy on localhost and then use
> > > > > a proxy wrapper program to direct traffic that way. Would that work?
> > > > > Comrade Ringo Kamens
> > > > >
> > > > > On 8/31/07, Dave Price <kinaole at gmail.com> wrote:
> > > > > > User level program don't talk to an interface, they talk to the
> > > > > > protocol stack which routes traffic to the appropriate interface
> > > > > > depending on the IP address / or hostname needed.
> > > > > >
> > > > > > If you have virtual interfaces set up , and a given application sends
> > > > > > data to the subnets served by those virtual interfaces, they will be
> > > > > > used for that traffic.
> > > > > >
> > > > > > On 8/30/07, Ringo Kamens <2600denver at gmail.com> wrote:
> > > > > > > Thanks for the sample commands. Is there any *simple* way to making a
> > > > > > > program use a certain interface? I was thinking about running a
> > > > > > > virtual machine that runs all of its traffic through one of the
> > > > > > > multiple interfaces.
> > > > > > > Thanks,
> > > > > > > Comrade Ringo Kamens
> > > > > > >
> > > > > > > On 8/30/07, Dave Price <kinaole at gmail.com> wrote:
> > > > > > > > Won't get you two MAC's but will get you two IP addresses
> > > > > > > >
> > > > > > > > ifconfig eth0:1  aaa.bbb.ccc.ddd
> > > > > > > > ifconfig eth0:2  aaa.bbb.ccc.ddd
> > > > > > > >
> > > > > > > > as often as you want ... with different IP's  for each virtual interface
> > > > > > > >
> > > > > > > > you also me need to add a DEFAULT GATEWAY for each new subne that you
> > > > > > > > define this way using the route command - assuming there is a gateway
> > > > > > > > on the the subnet
> > > > > > > >
> > > > > > > > As mentioned before, I don't know if virtual IP's are supported on
> > > > > > > > WLAN interfaces - never tried that...  the tricky bit would be getting
> > > > > > > > the WLAN to associate with an access point on the appropriate IP
> > > > > > > > subnet if that was needed .
> > > > > > > >
> > > > > > > > aloha (and hope this helps),
> > > > > > > > dave
> > > > > > > >
> > > > > > > > On 8/30/07, Ringo Kamens <2600denver at gmail.com> wrote:
> > > > > > > > > While it's true that the MAC address is burned into the card, it
> > > > > > > > > doesn't mean it isn't changeable. The operating system manages the MAC
> > > > > > > > > address and it can be changed at will so I would assume I could have
> > > > > > > > > it flip-flop constantly between two interfaces. What commands would I
> > > > > > > > > use to make multiple interfaces?
> > > > > > > > > Comrade Ringo Kamens
> > > > > > > > >
> > > > > > > > > On 8/30/07, David Overcash <funnylookinhat at gmail.com> wrote:
> > > > > > > > > > That's the problem that I think we failed to explain.  A MAC address is a
> > > > > > > > > > unique identifier given to each networking card (whether it be wireless or
> > > > > > > > > > wired), and each device is supposed to have only one per port (or antenna if
> > > > > > > > > > you are wireless).
> > > > > > > > > >
> > > > > > > > > > So you can have two different IP addresses, if you have two different cards
> > > > > > > > > > to create two interfaces on.
> > > > > > > > > >
> > > > > > > > > > -David
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > On 8/30/07, Ringo Kamens <2600denver at gmail.com> wrote:
> > > > > > > > > > > Sorry for the slow response, I was out camping in the wilderness. I
> > > > > > > > > > > mentioned the ethernet card because I'd also be interested in setting
> > > > > > > > > > > up two interfaces on that. Can somebody point me in the right
> > > > > > > > > > > direction as to how to do this? Also, I don't see why a card couldn't
> > > > > > > > > > > send from two MACs. Doesn't the system control that anyways instead of
> > > > > > > > > > > the card?
> > > > > > > > > > > Comrade Ringo Kamens
> > > > > > > > > > >
> > > > > > > > > > > On 8/27/07, Michael Robbert <mrobbert at gmail.com> wrote:
> > > > > > > > > > > > Why do you need two different MACs? I don't see any reason that you
> > > > > > > > > > couldn't
> > > > > > > > > > > > multi home with two IPs from a wireless card.
> > > > > > > > > > > > I am a little thrown off by your mention of the ethernet card. It
> > > > > > > > > > doesn't
> > > > > > > > > > > > sound like you intend to include that in the solution of your problem,
> > > > > > > > > > but
> > > > > > > > > > > > am I misreading your problem description?
> > > > > > > > > > > >
> > > > > > > > > > > > Mike
> > > > > > > > > > > >
> > > > > > > > > > > > On 8/26/07, Ringo Kamens < 2600denver at gmail.com> wrote:
> > > > > > > > > > > > >
> > > > > > > > > > > > > I have a problem I think somebody here may have enough expertise to
> > > > > > > > > > > > > solve. I have one wireless card and one ethernet card. What I want to
> > > > > > > > > > > > > do is set up two separate network interfaces so that I can have my
> > > > > > > > > > > > > wireless card send data from two separate MAC and IP addresses. Is
> > > > > > > > > > > > > this possible? Yes, I googled it and the results came up empty. I
> > > > > > > > > > > > > would appreciate any help I could get.
> > > > > > > > > > > > > Thanks,
> > > > > > > > > > > > > Comrade Ringo Kamens
> > > > > > > > > > > > >
> > > > > > > > > > > > > --
> > > > > > > > > > > > > Ubuntu-us-co mailing list
> > > > > > > > > > > > > Ubuntu-us-co at lists.ubuntu.com
> > > > > > > > > > > > > Modify settings or unsubscribe at:
> > > > > > > > > > > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > --
> > > > > > > > > > > > Ubuntu-us-co mailing list
> > > > > > > > > > > > Ubuntu-us-co at lists.ubuntu.com
> > > > > > > > > > > > Modify settings or unsubscribe at:
> > > > > > > > > > > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > --
> > > > > > > > > > > Ubuntu-us-co mailing list
> > > > > > > > > > > Ubuntu-us-co at lists.ubuntu.com
> > > > > > > > > > > Modify settings or unsubscribe at:
> > > > > > > > > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > --
> > > > > > > > > > ---------------------------------------------------------
> > > > > > > > > > http://www.funnylookinhat.com
> > > > > > > > > > AIM: FunnyLookinHat
> > > > > > > > > > ICQ: 40145621
> > > > > > > > > > MSN: funnylookinhat at gmail.com
> > > > > > > > > > Jabber: funnylookinhat at gmail.com
> > > > > > > > > > IRC: irc.freenode.net
> > > > > > > > > > ---------------------------------------------------------
> > > > > > > > > > --
> > > > > > > > > > Ubuntu-us-co mailing list
> > > > > > > > > > Ubuntu-us-co at lists.ubuntu.com
> > > > > > > > > > Modify settings or unsubscribe at:
> > > > > > > > > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > --
> > > > > > > > > Ubuntu-us-co mailing list
> > > > > > > > > Ubuntu-us-co at lists.ubuntu.com
> > > > > > > > > Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > --
> > > > > > > > aloha,
> > > > > > > > dave
> > > > > > > >
> > > > > > > > --
> > > > > > > > Ubuntu-us-co mailing list
> > > > > > > > Ubuntu-us-co at lists.ubuntu.com
> > > > > > > > Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
> > > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > Ubuntu-us-co mailing list
> > > > > > > Ubuntu-us-co at lists.ubuntu.com
> > > > > > > Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
> > > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > aloha,
> > > > > > dave
> > > > > >
> > > > > > --
> > > > > > Ubuntu-us-co mailing list
> > > > > > Ubuntu-us-co at lists.ubuntu.com
> > > > > > Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
> > > > > >
> > > > >
> > > > > --
> > > > > Ubuntu-us-co mailing list
> > > > > Ubuntu-us-co at lists.ubuntu.com
> > > > > Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
> > > >
> > > > --
> > > > Ubuntu-us-co mailing list
> > > > Ubuntu-us-co at lists.ubuntu.com
> > > > Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
> > > >
> > >
> > > --
> > > Ubuntu-us-co mailing list
> > > Ubuntu-us-co at lists.ubuntu.com
> > > Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
> >
> > --
> > Ubuntu-us-co mailing list
> > Ubuntu-us-co at lists.ubuntu.com
> > Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co
> >
> 
> 
> -- 
> Nick Verbeck - NerdyNick
> ----------------------------------------------------
> NerdyNick.com
> NerdyNick.org
> NerdyNick.net
> GamesAndBitches.com
> SkeletalDesign.com
> KemperBand.com
> 
> -- 
> Ubuntu-us-co mailing list
> Ubuntu-us-co at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-co

More information about the Ubuntu-us-co mailing list