6

I'd like to start a program disconnected from the network (because immediately upon starting it tries to download huge amounts of data, which can be prevented by changing settings as soon as it settles down). However, I really don't want to actually bring the network down for this one program.

Is there some LD_PRELOAD or similar to give the program the impression that the network is down? I'd rather not create a virtual machine.

Gilles 'SO- stop being evil'
  • 829,060
dan3
  • 670

2 Answers2

8

Under Linux, try to use a network namespace, e.g:

sudo ip netns add namespace-name
sudo ip netns exec namespace-name executable

This should prevent the program from accessing the network.

Gilles 'SO- stop being evil'
  • 829,060
Ulrich Dangel
  • 25,369
3

@Ulrich's network namespace solution is a perfect solution if you're on a recent Linux and have superuser access. If not, an alternative could be to use a SOCKS wrapper like dante's socksify or tsocks (note that they work with LD_PRELOAD).

Like with tsocks, create a tsocks.conf with for instance:

path {
    reaches = 0/0
    server = 127.0.0.1
    server_port = -1
    server_type = 5
}
fallback = no

And call your application with:

TSOCKS_CONF_FILE=/path/to/that/tsocks.conf tsocks your-application

That only works for TCP connections and for IPv4. On the other hand, that means you can selectively specify which IP addresses you want to allow a connection to.

Stéphane Chazelas
  • 544,893
  • I will keep this one in mind, despite its limitations (I thought myself about "messing up" a proxy configuration, but decided to ask for something more general). I like the ip netns way though for my case. – dan3 Sep 01 '13 at 20:18