MAC address spoofing

Issues related to configuring your network
Post Reply
int38er
Posts: 3
Joined: 2014/08/12 09:29:24

MAC address spoofing

Post by int38er » 2014/08/12 09:59:38

For some reason, I need to change the MAC address of Linux server running "CentOS release 5". The change is done via MACADDR (and commented HWADDR) in /etc/sysconfig/network-scripts/if-eth0 like below. The new MAC gets reflected after restarting the network.

Code: Select all

# Realtek Semiconductor Co., Ltd. RTL-8169 Gigabit Ethernet
DEVICE=eth0
BOOTPROTO=static
BROADCAST=172.1.2.255
#HWADDR=00:B0:D0:12:34:56
MACADDR=00:B0:D0:12:34:57
IPADDR=172.1.2.3
NETMASK=255.255.255.0
NETWORK=172.1.2.0
ONBOOT=yes
However, after changing the MAC, the server is not in LAN anymore. I could not ping to gateway. I read somewhere that new MAC also needs to be updated in /etc/udev/rules.d/70-persistent-net.rules. But on this server, I don't have that file.

Did anyone else here tried MAC spoofing on CentOS successfully? I could change MAC on old REDHAT server and it was accessible in LAN, but could not get CentOS to work.

Any help please?
Top
User avatar
TrevorH
Site Admin
Posts: 33215
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: MAC address spoofing

Post by TrevorH » 2014/08/12 12:29:56

I've done this in CentOS 5 before though not any more. I wonder if it's driver specific and the Realtek one is not up to the job...
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Top
int38er
Posts: 3
Joined: 2014/08/12 09:29:24

Re: MAC address spoofing

Post by int38er » 2014/08/14 10:01:59

Thanks for the tip. Do you recommend to unload the r8169 driver and install it from latest source?

Any other ideas guys?
Top
User avatar
TrevorH
Site Admin
Posts: 33215
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: MAC address spoofing

Post by TrevorH » 2014/08/14 10:03:45

Do you have a spare ethernet card that doesn't use a Realtek chipset?
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Top
drk
Posts: 405
Joined: 2014/01/30 20:38:28

Re: MAC address spoofing

Post by drk » 2014/08/14 16:41:10

I had an workstation mobo with Nvidia chipset that had 2 NICs but both had the same MAC. I ended up using an ifconfig command in an /etc/init.d/ script to change the MAC before the network was started. Check the man page for ifconfig - IIRC it was something like "ifconfig hw ether address device"
Top
tuxmaster
Posts: 8
Joined: 2014/08/06 10:28:31

Re: MAC address spoofing

Post by tuxmaster » 2014/08/14 16:45:22

I think your udev rule must call :

Code: Select all

ifconfig eth0 hw ether NewMac
Top
int38er
Posts: 3
Joined: 2014/08/12 09:29:24

Re: MAC address spoofing

Post by int38er » 2014/08/18 08:25:50

The server only has a single NIC integrated with mobo. I need to make this on-board NIC work with the new MAC. So, I did not try with PCI NICs. I also did not try to recompile the Realtek driver yet.

Tried to add below line in /etc/udev/rules.d/60-net.rules and reboot the machine. But still no access.

Code: Select all

KERNEL=="eth*", SYSFS{address}=="00:B0:D0:12:34:57", name="eth0"
Strangely, tcpdump on eth0 shows that my gateway is responding to the pings (with new MAC in Ethernet frame), but Linux still shows that "Destination unreachable" in ping verbose and I could not connect to other machines with SSH/Telnet. Using tcpdump, I could also sniff the LAN traffic from other servers.

Once I change back the MAC to original one, server is back in the LAN.
Top
Post Reply

Return to “CentOS 5 - Networking Support”