How can an application (like Firefox) be forced to use a certain network interface?
Solution 1
You can use a more complex approach of connections marking and route policy.
It will work fine if you have a user that runs one software and anther.
This way you can mark the connections of one user and use specific routing table for it while all the others will use the default one.
The basic document to understand it all is at: http://www.lartc.org/lartc.html
Also an example for two connections you can see here: https://unix.stackexchange.com/questions/58635/iptables-set-mark-route-diferent-ports-through-different-interfaces
You can use the "owner" iptables module which will mark the connections to allow routing policy.
Solution 2
What you are looking for is a LS_PRELOAD shim, see Daniel Lange's blog entry for a detailed explanation and example code.
Related videos on Youtube
Lekensteyn
Arch Linux user, open-source enthusiast, programmer, Wireshark developer, TRU/e Security master student at TU/e. Interests: network protocols, Linux kernel, server administration, Android, breaking & fixing stuff.
Updated on September 17, 2022Comments
-
Lekensteyn almost 2 years
I've two interfaces: eth0 and wlan0 on a notebook.
Possible use cases:
- eth0 grants me Internet access, and wlan0 is currently connected to a router which does not have Internet-connectivity. For development purposes, I need to connect to the wlan0 by default, but use eth0 for surfing
- eth0 and wlan0 are both connected to the Internet. For a torrent application, eth0 should be used for speed, but for portability of the notebook, SSH should have a connection over wlan0
- eth0 is a wire connection, wlan0 is a wireless one. Sensible data should be transferred over eth0, but other traffic can go over wlan0 as well.
Is there a way to force applications (like
nc.traditional
orfirefox
) to use a certain network interface? A wrapper likeexample-wrapper eth0 program
is fine too if such program exist. It would be nice if it could configured within Firefox (in runtime). I'd like to avoid IPTables solutions if possible. -
Lekensteyn over 13 yearsThis looks like a HTTP proxy, does it work with other protocols, like a connection between two netcat instances?
-
Stormvirux about 10 yearsWelcome to Ask Ubuntu! Whilst this may theoretically answer the question, it would be preferable to include the essential parts of the answer here, and provide the link for reference.
-
Lekensteyn almost 10 yearsWhile it works for this particular application, it unfortunately is not usable with other applications outside the VM such as Firefox.
-
Lekensteyn almost 10 yearsPolicy routing works for different users, but not for an application running under one user (as described in OP).
LD_PRELOAD
seems the way to go (not for malicious programs / for security reasons), perhaps someone could elaborate Bob Lebins post?