3

So, I asked a bit ago on how to make a udev rule to block certain USB devices. However, I need to achieve something like this with wireless USB adapters.

I have a wireless USB adapter from EDIMAX that's a Realtek chipset. I have it in my system for a Kali VM running inside of VMware Workstation, but I want to make it available only to the VM. Having said that, it is on my computer all the time, and I want Ubuntu to not be able to 'use' it as a network card, and only want it used by the VM.

The tricky part: I need to isolate this wifi adapter specifically from being used, while all others are fair game to the system / Network Manager. This one is dedicated for use in a VM, NOT by the host OS, Ubuntu 14.04.

I'm thinking a udev rule to prevent it from being used as a network adapter by Ubuntu is the way to go, but I am not sure how to do this or if this is the method to go. Thoughts on how I can achieve this?

The system I am trying to achieve this on is Ubuntu 14.04.

Requested Information

Relevant lsusb line:

Bus 001 Device 003: ID 7392:7811 Edimax Technology Co., Ltd EW-7811Un 802.11n Wireless Adapter [Realtek RTL8188CUS]
Community
  • 1
Thomas Ward
  • 78,878

2 Answers2

4

How ironic the easiest solution to solve the issue happens to be one of the solutions I already knew how to implement. I now feel silly for asking in the first place...

I took an old-school power user approach to the issue. It's already well known that any interface defined in /etc/network/interfaces will be considered "Not Managed" by NetworkManager - thus is the case of my Ethernet card on my laptop and my external USB ethernet adapter when it's connected.

Basically, I put a udev rule which assigns a specific name to the adapter, vm_wlan0, in /etc/udev/rules.d/70-persistent-net.rules:

# USB device 0x:0x (rtl8192cu) 
# EDIMAX EDIMAX EW-7811Un N150 USB 2.0 Wireless nano Adapter
# Typically used for Kali VM
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="XX:XX:XX:XX:XX:XX", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="wlan*", NAME="vm_wlan0"

Now that the interface name is 'static' on the system, in comes the /etc/network/interfaces file changes. I basically borrowed these from the Debian wiki on Network Configuration which utilizes the /etc/network/interfaces file to bring a device 'up' without giving any real IP, then I tweaked it:

allow-hotplug vm_wlan0
iface vm_wlan0 inet manual
    pre-up ifconfig vm_wlan0 up
    post-up ifconfig vm_wlan0 down

This permits the computer to boot without failing to configure the network interfaces; at the same time, it brings the wireless adapter 'up' then takes it back 'down' so the device is still present on the host computer, but it is not 'on' from a networking standpoint, nor is it managed by NetworkManager.

Thomas Ward
  • 78,878
3

SYSFS drive/unbind is your way. I couldn't find authorized & remove, It seems that net device are special compared to storage ones.

I run these while plugging/unplugging the USB Wireless key to look for differences.

lsusb
lsusb -t
udevadm monitor -u
udevadm monitor --env

I noticed that:

  • VirtualBox does not go to the parent beyond USB device:

    /sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1:1.0/

  • VirtualBox binds new driver for 1-1:1.0 (USB device): usbfs on plugging then regular one rt2800usb on unplugging. (I've a D-Link DWA-123 V.B1)

  • As no event sent for:

    /sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1:1.0/

    So I looked for persistent child node:

    /sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1:1.0/net/wlan1
/sys/devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1:1.0/net/wlx9094e4008e2c

    (wlan1 is created then moved/renamed to wlx9094e4008e2c, I don't know why!)

Anyway

  1. Created my rules file /etc/udev/rules.d/99-my-vbox-filter.rules

  2. Added the rule

    ACTION=="add", ENV{DEVTYPE}=="wlan", ENV{SUBSYSTEM}=="net", ENV{ID_VENDOR_ID}=="2001", ENV{ID_MODEL_ID}=="3c1d", RUN="/bin/sh -c 'echo -n $(basename $(cd /sys%p/../..; pwd)) >/sys%p/../../driver/unbind'"

    2001:3c1d got from the previous mentioned commands

  3. Reload rules

    sudo udevadm control --reload

Note: I haven't used EDIMAX before, If you find it not the same case please post the collected info, so I can help.

user.dz
  • 49,176