https://bugzilla.novell.com/show_bug.cgi?id=746592 https://bugzilla.novell.com/show_bug.cgi?id=746592#c0 Summary: KNetworkManager IPv4 masquerading(aka MAC spoofing) does not work Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: x86 OS/Version: openSUSE 12.1 Status: NEW Severity: Minor Priority: P5 - None Component: KDE4 Applications AssignedTo: kde-maintainers@suse.de ReportedBy: tonysu@su-networking.com QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux i686; rv:9.0.1) Gecko/20100101 Firefox/9.0.1 openSUSE 12.1 KDE 4.7.2 "release 5" nmcli version 0.9.1.90 Although this is on a system upgraded from 11.3 > 12.1, I dont' believe that should be significant With this version of KNetworkManager, I was surprised and curious to see for the first time that KnetworkManager might be supporting the same features as its codebase, Gnome Network Manager, one of the features previously missing was the ability to configure IP masquerading (aka MAC address spoofing). Am disappointed that although the feature is presented in the GUI, it does not work. Tested only IPv4 masquerading, did not test other new IPv4 or IPv6 features. The workaround which existed in previous versions of KnetworkManager still works, Workaround: - Using the KnetworkManager Tray applet, Disable Wireless Networking (or with most recent KnetworkManager, you can also disable all networking) - From a root CLI, execute the following command $ ifconfig wlan0 hw ether <new MAC address> Example $ ifconfig wlan0 hw ether 00:11:22:aa:bb:cc - Using KnetworkManager, re-enable networking - Verify new MAC address using ifconfig from the root CLI Reproducible: Always Steps to Reproduce: 1. Configure a working Wireless connection using WPA2 Personal Secret security, verify it's working 2. Using KnetworkManager, modify the MAC address in the connection properties (Edit...) 3. Using KnetworkManager, disable and re=enable wireless netowrking Actual Results: You will be unable to connect and will be prompted for the WPA2 password. Even re-entering the password will have no effect. Expected Results: Expected to successfully connect, followed by verification using ifconfig that the custom MAC address is being used. Also, after failing to connect the following steps are required to recover (enable a working connection again) - Using KnetworkManager, clear the custom MAC address (Edit...) for that connection - Using KnetworkManager, disable and re-enable the network connection - If desired, implement the workaround described previously Summary: Fairly obviously, KnetworkManager will enter the custom MAC address into the underlying networking subsystem, but incorrectly. I find it curious that KnetworkManager does not specify whether the custom MAC address would be permanent or temporary, and the way the address is entered implies that the address might be connection-specific, not interface or global. I wonder if this lack of clarity might contribute to a mistake in how the interface was wired to the underlying system. I'm also thinking the problem could be as simple as a hashed/not hashed string. Am submitting this with a rating of "Minor" because as I've described the workaround is not difficult but an argument could also be made that the rating should be "normal" since I'd consider its importance ocnsiderably more than cosmetic. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.