Re: How to activate MAC address randomization?

From: poma <pomidorabelisima gmail com>
To: Network Manager <networkmanager-list gnome org>
Subject: Re: How to activate MAC address randomization?
Date: Thu, 26 May 2016 17:32:09 +0200

On 24.05.2016 18:18, poma wrote:

[...]

However working Association / Connection random MAC address only applies to the:
1. wpa_supplicant (Client) -> wpa_supplicant (Hotspot)
2. wpa_supplicant (Client) -> NetworkManager (Hotspot)

but not for:
3. NetworkManager (Client) -> NetworkManager (Hotspot)


Showcase,
if applied - for 'MacAddr', the same mechanism as for 'PreassocMacAddr';

sed -i 's/PreassocMacAddr/MacAddr/' src/supplicant-manager/nm-supplicant-interface.c
---
 src/supplicant-manager/nm-supplicant-interface.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/supplicant-manager/nm-supplicant-interface.c 
b/src/supplicant-manager/nm-supplicant-interface.c
index ce7a2a2..b9cafc3 100644
--- a/src/supplicant-manager/nm-supplicant-interface.c
+++ b/src/supplicant-manager/nm-supplicant-interface.c
@@ -552,7 +552,7 @@ iface_introspect_cb (GDBusProxy *proxy, GAsyncResult *result, gpointer user_data
                if (strstr (data, "ProbeRequest"))
                        priv->ap_support = NM_SUPPLICANT_FEATURE_YES;
 
-               if (strstr (data, "PreassocMacAddr")) {
+               if (strstr (data, "MacAddr")) {
                        priv->mac_randomization_support = NM_SUPPLICANT_FEATURE_YES;
 
                        /* Turn on MAC randomization during scans by default */
@@ -561,7 +561,7 @@ iface_introspect_cb (GDBusProxy *proxy, GAsyncResult *result, gpointer user_data
                                           DBUS_INTERFACE_PROPERTIES ".Set",
                                           g_variant_new ("(ssv)",
                                                          WPAS_DBUS_IFACE_INTERFACE,
-                                                         "PreassocMacAddr",
+                                                         "MacAddr",
                                                          g_variant_new_string ("1")),
                                           G_DBUS_CALL_FLAGS_NONE,
                                           -1,

 = Client =

# journalctl -o cat -b -u NetworkManager | grep -i mac
NetworkManager[2098]: <info>  [...] sup-iface[...,wlp0s2f1u3]: config: set MAC randomization to 1

# nmcli connection show WiFiRd | grep rand
802-11-wireless.mac-address-randomization:default

# journalctl -o cat -b -u wpa_supplicant.service | grep -i mac
wlp0s2f1u3: Own MAC address: 00:aa:bb:cc:dd:ee
wlp0s2f1u3: WPS: UUID based on MAC address: [...]
properties_get_or_set: Set(MacAddr)
mac_addr=1
properties_get_or_set: Set(MacAddr)
mac_addr=1
nl80211: set_mac_addr for wlp0s2f1u3 to be:7f:1b:50:34:0b
wlp0s2f1u3: Using random MAC address be:7f:1b:50:34:0b

$ macchanger -s wlp0s2f1u3
Current MAC:   be:7f:1b:50:34:0b (unknown)
Permanent MAC: 00:aa:bb:cc:dd:ee (...)


 = Hotspot =

# journalctl -o cat -b -u wpa_supplicant.service | grep '00:aa:bb:cc:dd:ee\|be:7f:1b:50:34:0b'
nl80211: MLME event 59 (NL80211_CMD_FRAME) on wlp2s2f7u2(ee:dd:cc:bb:aa:00) A1=ff:ff:ff:ff:ff:ff 
A2=00:aa:bb:cc:dd:ee
nl80211: RX frame da=ff:ff:ff:ff:ff:ff sa=00:aa:bb:cc:dd:ee bssid=ff:ff:ff:ff:ff:ff freq=2412 ssi_signal=-19 
fc=0x40 seq_ctrl=0xdc0 stype=4 (WLAN_FC_STYPE_PROBE_REQ) len=42
nl80211: send_mlme - da= 00:aa:bb:cc:dd:ee noack=1 freq=0 no_cck=0 offchanok=0 wait_time=0 fc=0x50 
(WLAN_FC_STYPE_PROBE_RESP) nlmode=3
...
nl80211: MLME event 59 (NL80211_CMD_FRAME) on wlp2s2f7u2(ee:dd:cc:bb:aa:00) A1=ee:dd:cc:bb:aa:00 
A2=be:7f:1b:50:34:0b
nl80211: RX frame da=ee:dd:cc:bb:aa:00 sa=be:7f:1b:50:34:0b bssid=ee:dd:cc:bb:aa:00 freq=2412 ssi_signal=-15 
fc=0xb0 seq_ctrl=0x0 stype=11 (WLAN_FC_STYPE_AUTH) len=30
authentication: STA=be:7f:1b:50:34:0b auth_alg=0 auth_transaction=1 status_code=0 wep=0 seq_ctrl=0x0
ap_sta_add: register ap_handle_timer timeout for be:7f:1b:50:34:0b (300 seconds - ap_max_inactivity)
nl80211: sta_remove -> DEL_STATION wlp2s2f7u2 be:7f:1b:50:34:0b --> -2 (No such file or directory)
nl80211: Add STA be:7f:1b:50:34:0b
hostapd_logger: STA be:7f:1b:50:34:0b - authentication OK (open system)
hostapd_logger: STA be:7f:1b:50:34:0b - MLME-AUTHENTICATE.indication(be:7f:1b:50:34:0b, OPEN_SYSTEM)
hostapd_logger: STA be:7f:1b:50:34:0b - MLME-DELETEKEYS.request(be:7f:1b:50:34:0b)
authentication reply: STA=be:7f:1b:50:34:0b auth_alg=0 auth_transaction=2 resp=0 (IE len=0)
nl80211: send_mlme - da= be:7f:1b:50:34:0b noack=0 freq=0 no_cck=0 offchanok=0 wait_time=0 fc=0xb0 
(WLAN_FC_STYPE_AUTH) nlmode=3
nl80211: New station be:7f:1b:50:34:0b
nl80211: MLME event 59 (NL80211_CMD_FRAME) on wlp2s2f7u2(ee:dd:cc:bb:aa:00) A1=ee:dd:cc:bb:aa:00 
A2=be:7f:1b:50:34:0b
nl80211: RX frame da=ee:dd:cc:bb:aa:00 sa=be:7f:1b:50:34:0b bssid=ee:dd:cc:bb:aa:00 freq=2412 ssi_signal=-15 
fc=0x0 seq_ctrl=0x10 stype=0 (WLAN_FC_STYPE_ASSOC_REQ) len=110
association request: STA=be:7f:1b:50:34:0b capab_info=0x411 listen_interval=3 seq_ctrl=0x10
HT: STA be:7f:1b:50:34:0b HT Capabilities Info: 0x19ee
update_sta_ht STA be:7f:1b:50:34:0b - no greenfield, num of non-gf stations 1
hostapd_logger: STA be:7f:1b:50:34:0b - association OK (aid 1)
nl80211: Set STA be:7f:1b:50:34:0b
nl80211: send_mlme - da= be:7f:1b:50:34:0b noack=0 freq=0 no_cck=0 offchanok=0 wait_time=0 fc=0x10 
(WLAN_FC_STYPE_ASSOC_RESP) nlmode=3
nl80211: MLME event 60 (NL80211_CMD_FRAME_TX_STATUS) on wlp2s2f7u2(ee:dd:cc:bb:aa:00) A1=be:7f:1b:50:34:0b 
A2=ee:dd:cc:bb:aa:00
wlp2s2f7u2: EVENT_TX_STATUS dst=be:7f:1b:50:34:0b type=0 stype=11
hostapd_logger: STA be:7f:1b:50:34:0b - authenticated
nl80211: MLME event 60 (NL80211_CMD_FRAME_TX_STATUS) on wlp2s2f7u2(ee:dd:cc:bb:aa:00) A1=be:7f:1b:50:34:0b 
A2=ee:dd:cc:bb:aa:00
wlp2s2f7u2: EVENT_TX_STATUS dst=be:7f:1b:50:34:0b type=0 stype=1
hostapd_logger: STA be:7f:1b:50:34:0b - associated (aid 1)
hostapd_logger: STA be:7f:1b:50:34:0b - MLME-ASSOCIATE.indication(be:7f:1b:50:34:0b)
hostapd_logger: STA be:7f:1b:50:34:0b - MLME-DELETEKEYS.request(be:7f:1b:50:34:0b)
   addr=be:7f:1b:50:34:0b
nl80211: Set STA flags - ifname=wlp2s2f7u2 addr=be:7f:1b:50:34:0b total_flags=0x62 flags_or=0x2 
flags_and=0xfffffff3 authorized=0
hostapd_logger: STA be:7f:1b:50:34:0b - event 1 notification
   addr=be:7f:1b:50:34:0b
hostapd_logger: STA be:7f:1b:50:34:0b - start authentication
WPA: be:7f:1b:50:34:0b WPA_PTK entering state INITIALIZE
   addr=be:7f:1b:50:34:0b
nl80211: Set STA flags - ifname=wlp2s2f7u2 addr=be:7f:1b:50:34:0b total_flags=0x62 flags_or=0x0 
flags_and=0xfffffffe authorized=0
hostapd_logger: STA be:7f:1b:50:34:0b - unauthorizing port
WPA: be:7f:1b:50:34:0b WPA_PTK_GROUP entering state IDLE
WPA: be:7f:1b:50:34:0b WPA_PTK entering state AUTHENTICATION
WPA: be:7f:1b:50:34:0b WPA_PTK entering state AUTHENTICATION2
WPA: be:7f:1b:50:34:0b WPA_PTK entering state INITPSK
Searching a PSK for be:7f:1b:50:34:0b prev_psk=(nil)
Searching a PSK for be:7f:1b:50:34:0b prev_psk=(nil)
WPA: be:7f:1b:50:34:0b WPA_PTK entering state PTKSTART
hostapd_logger: STA be:7f:1b:50:34:0b - sending 1/4 msg of 4-Way Handshake
wlp2s2f7u2: hostapd_new_assoc_sta: reschedule ap_handle_timer timeout for be:7f:1b:50:34:0b (300 seconds - 
ap_max_inactivity)
hostapd_logger: STA be:7f:1b:50:34:0b - EAPOL-Key timeout
WPA: be:7f:1b:50:34:0b WPA_PTK entering state PTKSTART
hostapd_logger: STA be:7f:1b:50:34:0b - sending 1/4 msg of 4-Way Handshake
l2_packet_receive: src=be:7f:1b:50:34:0b len=121
wlp2s2f7u2: RX EAPOL from be:7f:1b:50:34:0b
IEEE 802.1X: 121 bytes from be:7f:1b:50:34:0b
WPA: Received EAPOL-Key from be:7f:1b:50:34:0b key_info=0x10a type=2 key_data_length=22
hostapd_logger: STA be:7f:1b:50:34:0b - received EAPOL-Key frame (2/4 Pairwise)
WPA: be:7f:1b:50:34:0b WPA_PTK entering state PTKCALCNEGOTIATING
Searching a PSK for be:7f:1b:50:34:0b prev_psk=(nil)
WPA: PTK derivation - A1=ee:dd:cc:bb:aa:00 A2=be:7f:1b:50:34:0b
WPA: be:7f:1b:50:34:0b WPA_PTK entering state PTKCALCNEGOTIATING2
WPA: be:7f:1b:50:34:0b WPA_PTK entering state PTKINITNEGOTIATING
hostapd_logger: STA be:7f:1b:50:34:0b - sending 3/4 msg of 4-Way Handshake
l2_packet_receive: src=be:7f:1b:50:34:0b len=99
wlp2s2f7u2: RX EAPOL from be:7f:1b:50:34:0b
IEEE 802.1X: 99 bytes from be:7f:1b:50:34:0b
WPA: Received EAPOL-Key from be:7f:1b:50:34:0b key_info=0x30a type=2 key_data_length=0
hostapd_logger: STA be:7f:1b:50:34:0b - received EAPOL-Key frame (4/4 Pairwise)
WPA: be:7f:1b:50:34:0b WPA_PTK entering state PTKINITDONE
   addr=be:7f:1b:50:34:0b
dbus: Station MAC address 'be:7f:1b:50:34:0b' 'StaAuthorized'
wlp2s2f7u2: AP-STA-CONNECTED be:7f:1b:50:34:0b
nl80211: Set STA flags - ifname=wlp2s2f7u2 addr=be:7f:1b:50:34:0b total_flags=0x63 flags_or=0x1 
flags_and=0xffffffff authorized=1
hostapd_logger: STA be:7f:1b:50:34:0b - authorizing port
hostapd_logger: STA be:7f:1b:50:34:0b - pairwise key handshake completed (RSN)
...
wlp2s2f7u2: ap_handle_timer: be:7f:1b:50:34:0b flags=0x8a23 timeout_next=0
wlp2s2f7u2: Station be:7f:1b:50:34:0b has been active 54s ago
ap_handle_timer: register ap_handle_timer timeout for be:7f:1b:50:34:0b (249 seconds)
nl80211: MLME event 59 (NL80211_CMD_FRAME) on wlp2s2f7u2(ee:dd:cc:bb:aa:00) A1=ff:ff:ff:ff:ff:ff 
A2=be:7f:1b:50:34:0b
nl80211: RX frame da=ff:ff:ff:ff:ff:ff sa=be:7f:1b:50:34:0b bssid=ff:ff:ff:ff:ff:ff freq=2412 ssi_signal=-15 
fc=0x40 seq_ctrl=0x6b0 stype=4 (WLAN_FC_STYPE_PROBE_REQ) len=42
nl80211: send_mlme - da= be:7f:1b:50:34:0b noack=1 freq=0 no_cck=0 offchanok=0 wait_time=0 fc=0x50 
(WLAN_FC_STYPE_PROBE_RESP) nlmode=3
...
WPA: be:7f:1b:50:34:0b WPA_PTK_GROUP entering state REKEYNEGOTIATING
hostapd_logger: STA be:7f:1b:50:34:0b - sending 1/2 msg of Group Key Handshake
l2_packet_receive: src=be:7f:1b:50:34:0b len=99
wlp2s2f7u2: RX EAPOL from be:7f:1b:50:34:0b
IEEE 802.1X: 99 bytes from be:7f:1b:50:34:0b
WPA: Received EAPOL-Key from be:7f:1b:50:34:0b key_info=0x302 type=2 key_data_length=0
hostapd_logger: STA be:7f:1b:50:34:0b - received EAPOL-Key frame (2/2 Group)
WPA: be:7f:1b:50:34:0b WPA_PTK_GROUP entering state REKEYESTABLISHED
hostapd_logger: STA be:7f:1b:50:34:0b - group key handshake completed (RSN)
WPA: be:7f:1b:50:34:0b WPA_PTK_GROUP entering state IDLE
wlp2s2f7u2: ap_handle_timer: be:7f:1b:50:34:0b flags=0x8a23 timeout_next=0
wlp2s2f7u2: Station be:7f:1b:50:34:0b has been active 0s ago
ap_handle_timer: register ap_handle_timer timeout for be:7f:1b:50:34:0b (306 seconds)
...

# journalctl -o cat -b -u NetworkManager | grep '00:aa:bb:cc:dd:ee\|be:7f:1b:50:34:0b'
DHCPDISCOVER(wlp2s2f7u2) be:7f:1b:50:34:0b
DHCPOFFER(wlp2s2f7u2) 10.42.0.234 be:7f:1b:50:34:0b
DHCPDISCOVER(wlp2s2f7u2) be:7f:1b:50:34:0b
DHCPOFFER(wlp2s2f7u2) 10.42.0.234 be:7f:1b:50:34:0b
DHCPREQUEST(wlp2s2f7u2) 10.42.0.234 be:7f:1b:50:34:0b
DHCPACK(wlp2s2f7u2) 10.42.0.234 be:7f:1b:50:34:0b lnx

References:
- Re: How to activate MAC address randomization?
  - From: Dan Williams
- Re: How to activate MAC address randomization?
  - From: poma
- Re: How to activate MAC address randomization?
  - From: Chris Laprise
- Re: How to activate MAC address randomization?
  - From: poma
- Re: How to activate MAC address randomization?
  - From: Thomas Haller
- Re: How to activate MAC address randomization?
  - From: poma
- Re: How to activate MAC address randomization?
  - From: Thomas Haller
- Re: How to activate MAC address randomization?
  - From: poma
- Re: How to activate MAC address randomization?
  - From: Dan Williams
- Re: How to activate MAC address randomization?
  - From: poma
- Re: How to activate MAC address randomization?
  - From: poma
- Re: How to activate MAC address randomization?
  - From: poma
- Re: How to activate MAC address randomization?
  - From: poma
- Re: How to activate MAC address randomization?
  - From: poma
- Re: How to activate MAC address randomization?
  - From: poma

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]