Limit network interface to specific commands vice versa

Asked Nov 08 '17 at 14:44

Active Nov 09 '17 at 11:45

Viewed 195 times

I'm using this tutorial: Bind unix program to specific network interface

Assume that $NS and $IN is set properly

My problem
I have two network interfaces and one of them has data limits and I don't want anything other than specific commands to access it. But when I try to use it with "ip netns exec $NS {command}" this command ~~can't reach internet~~ can connect to IP addresses but can't resolve hosts

Steps I took

sudo mkdir -p /etc/netns/$NS
sudo sh -c "echo \"nameserver 8.8.8.8\" >> /etc/netns/$NS/resolv.conf"
curl <ip> // OK
curl <site> // OK
sudo ip netns add $NS
sudo ip link set $IN netns $NS
sudo ip netns exec $NS ip link set lo up
sudo ip netns exec $NS ip link set $IN up
sudo ip netns exec $NS dhclient $IN
sudo ip netns exec $NS curl <ip> // OK
sudo ip netns exec $NS curl <site> // Could not resolve host: <site>

Notes

Interface type is ethernet
netns ip route (ip netns exec $NS ip route) seems to be in order, default route points towards the IP $IN has
Commands in given steps except for the last command execute without error

edited Nov 09 '17 at 11:45

asked Nov 08 '17 at 14:44

Barış Hamil

Then run with specific user, and you can limit the traffic for only one user. – Ipor Sircer Nov 08 '17 at 14:54
I updated my question, apparently this is a nameserver issue – Barış Hamil Nov 09 '17 at 11:44

Limit network interface to specific commands vice versa

0 Answers0