3

So, I asked a bit ago on how to make a udev rule to block certain USB devices. However, I need to achieve something like this with wireless USB adapters.

I have a wireless USB adapter from EDIMAX that's a Realtek chipset. I have it in my system for a Kali VM running inside of VMware Workstation, but I want to make it available only to the VM. Having said that, it is on my computer all the time, and I want Ubuntu to not be able to 'use' it as a network card, and only want it used by the VM.

The tricky part: I need to isolate this wifi adapter specifically from being used, while all others are fair game to the system / Network Manager. This one is dedicated for use in a VM, NOT by the host OS, Ubuntu 14.04.

I'm thinking a udev rule to prevent it from being used as a network adapter by Ubuntu is the way to go, but I am not sure how to do this or if this is the method to go. Thoughts on how I can achieve this?

The system I am trying to achieve this on is Ubuntu 14.04.

Requested Information

Relevant lsusb line:

Bus 001 Device 003: ID 7392:7811 Edimax Technology Co., Ltd EW-7811Un 802.11n Wireless Adapter [Realtek RTL8188CUS]
Community
  • 1
Thomas Ward
  • 74,764
  • 1
    Can you add the relevant line from lsusb? I too think udev is the way to go. In the meantime a quick and dirty hack could be blacklisting the driver in the host, so that the device is not claimed and it's free to be used from the VM. But it disables all the devices using that driver (if others) and, regardless, it's ugly, I know. Just as temporary solution. – kos Dec 03 '15 at 15:01
  • Also, how about this? (found here, it's a simple udev rule): SUBSYSTEM=="usb", ATTRS{idVendor}=="0a5c", ATTRS{idProduct}=="217f", ATTR{authorized}="0", obviously replacing 0a5c and 217f with the values from the relevant lsusb entry. – kos Dec 03 '15 at 15:27
  • 1
    @kos the simpler power-user approach was one I already knew... and it actually works as intended! xD – Thomas Ward Dec 03 '15 at 21:13

2 Answers2

4

How ironic the easiest solution to solve the issue happens to be one of the solutions I already knew how to implement. I now feel silly for asking in the first place...

I took an old-school power user approach to the issue. It's already well known that any interface defined in /etc/network/interfaces will be considered "Not Managed" by NetworkManager - thus is the case of my Ethernet card on my laptop and my external USB ethernet adapter when it's connected.

Basically, I put a udev rule which assigns a specific name to the adapter, vm_wlan0, in /etc/udev/rules.d/70-persistent-net.rules:

# USB device 0x:0x (rtl8192cu) 
# EDIMAX EDIMAX EW-7811Un N150 USB 2.0 Wireless nano Adapter
# Typically used for Kali VM
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="XX:XX:XX:XX:XX:XX", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="wlan*", NAME="vm_wlan0"

Now that the interface name is 'static' on the system, in comes the /etc/network/interfaces file changes. I basically borrowed these from the Debian wiki on Network Configuration which utilizes the /etc/network/interfaces file to bring a device 'up' without giving any real IP, then I tweaked it:

allow-hotplug vm_wlan0
iface vm_wlan0 inet manual
    pre-up ifconfig vm_wlan0 up
    post-up ifconfig vm_wlan0 down

This permits the computer to boot without failing to configure the network interfaces; at the same time, it brings the wireless adapter 'up' then takes it back 'down' so the device is still present on the host computer, but it is not 'on' from a networking standpoint, nor is it managed by NetworkManager.

Thomas Ward
  • 74,764
  • 1
    Yep, even simpler then using /etc/NetworkManager/dispatcher.d/ scripts :), new method learned thank you. – user.dz Dec 03 '15 at 21:20
  • 1
    @Sneetsher indeed it is. And I knew this could be done, but I forgot and didn't think about it for a freaking MONTH. Now I feel damn stupid for asking a question in the first place. Love your udev approach though, so I might give you the bounty in 16 hours when it lets me. And you're welcome, for me teaching you something new :) – Thomas Ward Dec 03 '15 at 21:23
3

SYSFS drive/unbind is your way. I couldn't find authorized & remove, It seems that net device are special compared to storage ones.

I run these while plugging/unplugging the USB Wireless key to look for differences.

lsusb
lsusb -t
udevadm monitor -u
udevadm monitor --env

I noticed that:

  • VirtualBox does not go to the parent beyond USB device:

    /sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1:1.0/

  • VirtualBox binds new driver for 1-1:1.0 (USB device): usbfs on plugging then regular one rt2800usb on unplugging. (I've a D-Link DWA-123 V.B1)

  • As no event sent for:

    /sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1:1.0/

    So I looked for persistent child node:

    /sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1:1.0/net/wlan1
/sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1:1.0/net/wlx9094e4008e2c

    (wlan1 is created then moved/renamed to wlx9094e4008e2c, I don't know why!)

Anyway

  1. Created my rules file /etc/udev/rules.d/99-my-vbox-filter.rules

  2. Added the rule

    ACTION=="add", ENV{DEVTYPE}=="wlan", ENV{SUBSYSTEM}=="net", ENV{ID_VENDOR_ID}=="2001", ENV{ID_MODEL_ID}=="3c1d", RUN="/bin/sh -c 'echo -n $(basename $(cd /sys%p/../..; pwd)) >/sys%p/../../driver/unbind'"

    2001:3c1d got from the previous mentioned commands

  3. Reload rules

    sudo udevadm control --reload

Note: I haven't used EDIMAX before, If you find it not the same case please post the collected info, so I can help.

user.dz
  • 48,105
  • 1
    Definitely going to upvote you here, though I found a much simpler way to force "down" the device after the system turns on and such, and in such a way that NetworkManager hates me. – Thomas Ward Dec 03 '15 at 21:07