FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo User

 
 
LinkBack Thread Tools
 
Old 10-21-2010, 07:47 PM
Alan McKinnon
 
Default Auto-detecting network I'm connected to

Hi all,

One gentoo notebook running wicd, three general classes of network logon used
frequently (dhpc always):

work - mostly wired, occasionally wireless. There's a plethora of APs to pick
from, some official, some rogue. And not all end up being served by the
same dhcp server, or even be in sync with each other.
home - Easy one. Usually wireless, sometimes wired. I control the router.
everything else - friend's houses, other companies, wifi hotspots.

Thanks to our IT division I get lots of practice in finding interesting ways
into the corporate network. Depending on how I'm connected I start up all
manner of tunnels, socks proxies and various other bits. Doing this manually
is getting tedious.

So I'm looking for a reasonably reliable way of detecting what served my
current IP address so the post-start script in wicd can detect this and launch
all the correct things correctly. The actual address range and domain is not
the way to go - too many networks dish out 10.0.0.0/8 and example.com for that
to work well.

I have some ideas of my own, but figured I'd ask here as well. Odds are
excellent someone will have much better ideas than I.


--
alan dot mckinnon at gmail dot com
 
Old 10-21-2010, 11:14 PM
Maciej Grela
 
Default Auto-detecting network I'm connected to

2010/10/21 Alan McKinnon <alan.mckinnon@gmail.com>:
> Hi all,
>
> One gentoo notebook running wicd, three general classes of network logon used
> frequently (dhpc always):
>
> work - mostly wired, occasionally wireless. There's a plethora of APs to pick
> * * * from, some official, some rogue. And not all end up being served by the
> * * * same dhcp server, or even be in sync with each other.
> home - Easy one. Usually wireless, sometimes wired. I control the router.
> everything else - friend's houses, other companies, wifi hotspots.
>
> Thanks to our IT division I get lots of practice in finding interesting ways
> into the corporate network. Depending on how I'm connected I start up all
> manner of tunnels, socks proxies and various other bits. Doing this manually
> is getting tedious.
>
> So I'm looking for a reasonably reliable way of detecting what served my
> current IP address so the post-start script in wicd can detect this and launch
> all the correct things correctly. The actual address range and domain is not
> the way to go - too many networks dish out 10.0.0.0/8 and example.com for that
> to work well.
>
> I have some ideas of my own, but figured I'd ask here as well. Odds are
> excellent someone will have much better ideas than I.
>

There are a few metrics you can use to identify a "network" you are on:

1. ESSID and AP MAC in case of wireless
2. MAC address of DHCP server that served you the address (can be also
used to alarm you when DHCP-spoofing is detected).
3. MAC addresses of hosts provided by DHCP (gateway and DNS usually).
4. CDP or LLDP traffic on your interface (usually present in corporate LANs).

There was once a feature in gentoo, which involved loading different
network profiles from /etc/conf.d/net depending on the IP address of
the gateway offered by DHCP. It worked pretty well in the days before
networkmanager and wicd.

--
Maciej Grela
 
Old 10-22-2010, 10:14 AM
Alan McKinnon
 
Default Auto-detecting network I'm connected to

Apparently, though unproven, at 01:14 on Friday 22 October 2010, Maciej Grela
did opine thusly:

> 2010/10/21 Alan McKinnon <alan.mckinnon@gmail.com>:
> > Hi all,
> >
> > One gentoo notebook running wicd, three general classes of network logon
> > used frequently (dhpc always):
> >
> > work - mostly wired, occasionally wireless. There's a plethora of APs to
> > pick from, some official, some rogue. And not all end up being served by
> > the same dhcp server, or even be in sync with each other.
> > home - Easy one. Usually wireless, sometimes wired. I control the router.
> > everything else - friend's houses, other companies, wifi hotspots.
> >
> > Thanks to our IT division I get lots of practice in finding interesting
> > ways into the corporate network. Depending on how I'm connected I start
> > up all manner of tunnels, socks proxies and various other bits. Doing
> > this manually is getting tedious.
> >
> > So I'm looking for a reasonably reliable way of detecting what served my
> > current IP address so the post-start script in wicd can detect this and
> > launch all the correct things correctly. The actual address range and
> > domain is not the way to go - too many networks dish out 10.0.0.0/8 and
> > example.com for that to work well.
> >
> > I have some ideas of my own, but figured I'd ask here as well. Odds are
> > excellent someone will have much better ideas than I.
>
> There are a few metrics you can use to identify a "network" you are on:
>
> 1. ESSID and AP MAC in case of wireless
> 2. MAC address of DHCP server that served you the address (can be also
> used to alarm you when DHCP-spoofing is detected).
> 3. MAC addresses of hosts provided by DHCP (gateway and DNS usually).
> 4. CDP or LLDP traffic on your interface (usually present in corporate
> LANs).
>
> There was once a feature in gentoo, which involved loading different
> network profiles from /etc/conf.d/net depending on the IP address of
> the gateway offered by DHCP. It worked pretty well in the days before
> networkmanager and wicd.


Thanks for this, it gives me some ideas to work on further.


--
alan dot mckinnon at gmail dot com
 

Thread Tools




All times are GMT. The time now is 07:24 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org