Preserve MAC address for a specific device

[Pedro Ribeiro <pedrib gmail com>]

Hi,

I have the following configuration in spoof.conf in order to anonymise
MAC addresses when connecting to a network:

[device-mac-randomization]
wifi.scan-rand-mac-address=yes

[connection-mac-randomization]
ethernet.cloned-mac-address=stable
wifi.cloned-mac-address=stable

However, this doesn't work with an iPhone tether ethernet device:

Jun  8 10:53:06 testing NetworkManager[50086]: <info> 
[1623124386.8513] device (iphone): state change: disconnected ->
prepare (reason 'none', sys-iface-state: 'managed')
Jun  8 10:53:06 testing NetworkManager[50086]: <warn> 
[1623124386.8520] platform-linux: do-change-link[19]: failure changing
link: failure 95 (Operation not supported)
Jun  8 10:53:06 testing NetworkManager[50086]: <warn> 
[1623124386.8537] platform-linux: do-change-link[19]: failure changing
link: failure 95 (Operation not supported)
Jun  8 10:53:06 testing NetworkManager[50086]: <warn> 
[1623124386.8537] device (iphone): set-hw-addr: failed to set-cloned
MAC address to fa:2b:4c:dd:47:b1 (stable) (NME_UNSPEC)
Jun  8 10:53:06 testing NetworkManager[50086]: <info> 
[1623124386.8550] device (iphone): state change: prepare -> failed
(reason 'config-failed', sys-iface-state: 'managed')

Probably the device doesn't allow the MAC address to be changed.
Anyway, I decided to see if I could disable the MAC address
randomisation for a specific device with the following config file:

[connection-iphone]
match-device=interface-name:iphone
ethernet.cloned-mac-address=preserve

... but it doesn't seem to work, NM always tries to set the ethernet
address of the device as above.

Am I doing something wrong? Is this possible, to have a global
randomisation on but turned off for a specific device?

Thank you!

-- 
Pedro Ribeiro
Vulnerability and Reverse Engineer / Cyber Security Specialist

pedrib gmail com
PGP: 4CE8 5A3D 133D 78BB BC03 671C 3C39 4966 870E 966C