GCP MAC Spoofing
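#!/bin/bash
# Create a Linux network namespace whose eth0 carries a caller-chosen MAC address.
#
# Usage:
#   ./create_ns.sh mynamespace 00:00:00:00:00:01 192.168.0.10
# Once the namespace exists, run a service inside it:
#   ip netns exec mynamespace /usr/bin/myservice
# The service sees the given MAC on eth0 and is reachable at the given IP
# (192.168.0.10 in the example).
# Reported to work on GCP machines; untested elsewhere.
#
# Host-wide side effects (the script writes /proc/sys and edits links and
# iptables, so it needs the privileges for that):
#   - IPv4 forwarding is switched on for the whole host and is not switched
#     back off.
#   - A MASQUERADE rule for 192.168.0.0/16 leaving via eth0 is added to the
#     nat table and is not removed when the namespace is deleted.
#   - Any existing veth0 link, and any namespace with the same name, is
#     deleted first.
# Check these against the host's firewall policy before running it.

set -e
set -x

USE="Proper use: $0 [namespace name] [mac address] [visible ip]"

# Print a message on stderr and stop before anything on the host is changed.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# The original printed the usage text and carried on with empty arguments;
# stop here instead.
if [[ "$#" -ne 3 ]]; then
  die "$USE"
fi

NS=$1
MAC=$2
IP=$3

# The name is used as a path component under /var/run/netns and as an
# argument to ip(8): refuse path separators, "." / "..", and a leading "-"
# that would be read as an option.
if [[ -z "$NS" || "$NS" == */* || "$NS" == -* || "$NS" == "." || "$NS" == ".." ]]; then
  die "Invalid namespace name: $NS"
fi

# Six colon-separated hex octets.
mac_re='^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
if [[ ! "$MAC" =~ $mac_re ]]; then
  die "Invalid MAC address: $MAC"
fi

# The gateway below is hard-coded to 192.168.0.1 and no netmask is passed to
# ifconfig, so the namespace address has to sit in 192.168.0.* for the default
# route to be reachable. Leading zeros are refused because some tools read
# them as octal. .0 and .255 are refused as network/broadcast, .1 as the
# gateway itself.
ip_re='^192\.168\.0\.(0|[1-9][0-9]{0,2})$'
if [[ ! "$IP" =~ $ip_re ]]; then
  die "Invalid IP (expected 192.168.0.2 - 192.168.0.254): $IP"
fi
last_octet=${BASH_REMATCH[1]}
if (( last_octet < 2 || last_octet > 254 )); then
  die "Invalid IP (expected 192.168.0.2 - 192.168.0.254): $IP"
fi

# Host-wide: lets the kernel route between veth0 and the outside interface.
echo 1 >/proc/sys/net/ipv4/ip_forward

# Start from a clean namespace of this name.
if [[ -e "/var/run/netns/$NS" ]]; then
  ip netns delete "$NS"
fi
ip netns add "$NS"

# Best effort: veth0 may not exist yet. Deleting it also removes its peer, so
# a namespace created by an earlier run of this script loses its eth0.
ip link delete veth0 || true
ip link add name veth0 type veth peer name veth1
ifconfig veth0 192.168.0.1 up

# Add the NAT rule only if it is not already present, so repeated runs do not
# pile up duplicate rules.
if ! iptables -t nat -C POSTROUTING -s 192.168.0.0/16 -o eth0 -j MASQUERADE 2>/dev/null; then
  iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o eth0 -j MASQUERADE
fi

# Set the MAC while veth1 is still in the host namespace, then move it in and
# rename it so the service sees it as eth0.
ip link set dev veth1 address "$MAC"
ip link set dev veth1 netns "$NS"
ip netns exec "$NS" ip link set dev veth1 name eth0
ip netns exec "$NS" ifconfig eth0 "$IP" up
ip netns exec "$NS" route add default gw 192.168.0.1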
Should probably do some validation that IP is in fact a part of the 192.168.0.* space?