public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-user] Auto-detecting network I'm connected to
@ 2010-10-21 19:47 Alan McKinnon
  2010-10-21 23:14 ` Maciej Grela
  0 siblings, 1 reply; 3+ messages in thread
From: Alan McKinnon @ 2010-10-21 19:47 UTC (permalink / raw
  To: gentoo-user

Hi all,

One gentoo notebook running wicd, three general classes of network logon used 
frequently (dhpc always):

work - mostly wired, occasionally wireless. There's a plethora of APs to pick
       from, some official, some rogue. And not all end up being served by the 
       same dhcp server, or even be in sync with each other.
home - Easy one. Usually wireless, sometimes wired. I control the router.
everything else - friend's houses, other companies, wifi hotspots.

Thanks to our IT division I get lots of practice in finding interesting ways 
into the corporate network. Depending on how I'm connected I start up all 
manner of tunnels, socks proxies and various other bits. Doing this manually 
is getting tedious.

So I'm looking for a reasonably reliable way of detecting what served my 
current IP address so the post-start script in wicd can detect this and launch 
all the correct things correctly. The actual address range and domain is not 
the way to go - too many networks dish out 10.0.0.0/8 and example.com for that 
to work well.

I have some ideas of my own, but figured I'd ask here as well. Odds are 
excellent someone will have much better ideas than I.


-- 
alan dot mckinnon at gmail dot com



^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [gentoo-user] Auto-detecting network I'm connected to
  2010-10-21 19:47 [gentoo-user] Auto-detecting network I'm connected to Alan McKinnon
@ 2010-10-21 23:14 ` Maciej Grela
  2010-10-22 10:14   ` Alan McKinnon
  0 siblings, 1 reply; 3+ messages in thread
From: Maciej Grela @ 2010-10-21 23:14 UTC (permalink / raw
  To: gentoo-user

2010/10/21 Alan McKinnon <alan.mckinnon@gmail.com>:
> Hi all,
>
> One gentoo notebook running wicd, three general classes of network logon used
> frequently (dhpc always):
>
> work - mostly wired, occasionally wireless. There's a plethora of APs to pick
>       from, some official, some rogue. And not all end up being served by the
>       same dhcp server, or even be in sync with each other.
> home - Easy one. Usually wireless, sometimes wired. I control the router.
> everything else - friend's houses, other companies, wifi hotspots.
>
> Thanks to our IT division I get lots of practice in finding interesting ways
> into the corporate network. Depending on how I'm connected I start up all
> manner of tunnels, socks proxies and various other bits. Doing this manually
> is getting tedious.
>
> So I'm looking for a reasonably reliable way of detecting what served my
> current IP address so the post-start script in wicd can detect this and launch
> all the correct things correctly. The actual address range and domain is not
> the way to go - too many networks dish out 10.0.0.0/8 and example.com for that
> to work well.
>
> I have some ideas of my own, but figured I'd ask here as well. Odds are
> excellent someone will have much better ideas than I.
>

There are a few metrics you can use to identify a "network" you are on:

1. ESSID and AP MAC in case of wireless
2. MAC address of DHCP server that served you the address (can be also
used to alarm you when DHCP-spoofing is detected).
3. MAC addresses of hosts provided by DHCP (gateway and DNS usually).
4. CDP or LLDP traffic on your interface (usually present in corporate LANs).

There was once a feature in gentoo, which involved loading different
network profiles from /etc/conf.d/net depending on the IP address of
the gateway offered by DHCP. It worked pretty well in the days before
networkmanager and wicd.

-- 
Maciej Grela



^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [gentoo-user] Auto-detecting network I'm connected to
  2010-10-21 23:14 ` Maciej Grela
@ 2010-10-22 10:14   ` Alan McKinnon
  0 siblings, 0 replies; 3+ messages in thread
From: Alan McKinnon @ 2010-10-22 10:14 UTC (permalink / raw
  To: gentoo-user; +Cc: Maciej Grela

Apparently, though unproven, at 01:14 on Friday 22 October 2010, Maciej Grela 
did opine thusly:

> 2010/10/21 Alan McKinnon <alan.mckinnon@gmail.com>:
> > Hi all,
> > 
> > One gentoo notebook running wicd, three general classes of network logon
> > used frequently (dhpc always):
> > 
> > work - mostly wired, occasionally wireless. There's a plethora of APs to
> > pick from, some official, some rogue. And not all end up being served by
> > the same dhcp server, or even be in sync with each other.
> > home - Easy one. Usually wireless, sometimes wired. I control the router.
> > everything else - friend's houses, other companies, wifi hotspots.
> > 
> > Thanks to our IT division I get lots of practice in finding interesting
> > ways into the corporate network. Depending on how I'm connected I start
> > up all manner of tunnels, socks proxies and various other bits. Doing
> > this manually is getting tedious.
> > 
> > So I'm looking for a reasonably reliable way of detecting what served my
> > current IP address so the post-start script in wicd can detect this and
> > launch all the correct things correctly. The actual address range and
> > domain is not the way to go - too many networks dish out 10.0.0.0/8 and
> > example.com for that to work well.
> > 
> > I have some ideas of my own, but figured I'd ask here as well. Odds are
> > excellent someone will have much better ideas than I.
> 
> There are a few metrics you can use to identify a "network" you are on:
> 
> 1. ESSID and AP MAC in case of wireless
> 2. MAC address of DHCP server that served you the address (can be also
> used to alarm you when DHCP-spoofing is detected).
> 3. MAC addresses of hosts provided by DHCP (gateway and DNS usually).
> 4. CDP or LLDP traffic on your interface (usually present in corporate
> LANs).
> 
> There was once a feature in gentoo, which involved loading different
> network profiles from /etc/conf.d/net depending on the IP address of
> the gateway offered by DHCP. It worked pretty well in the days before
> networkmanager and wicd.


Thanks for this, it gives me some ideas to work on further.


-- 
alan dot mckinnon at gmail dot com



^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2010-10-22 10:13 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-10-21 19:47 [gentoo-user] Auto-detecting network I'm connected to Alan McKinnon
2010-10-21 23:14 ` Maciej Grela
2010-10-22 10:14   ` Alan McKinnon

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox