
add support for 'iwd' ?

Open n1ete opened this issue 5 years ago • 4 comments

Hey, I would love to contribute to your project to support iwd directly, so I can ditch network-manager as a dependency. Since my coding skills are almost nonexistent, I would need some help to point me in the right direction and to audit my lines after the PR, of course. Hope you like the idea and there is no major breakpoint that I miss for making it work....?

As far as I could spot, I think the interesting parts are lines 94-118 of the nmtrust script?

best regards and thanks for sharing your tools ;)

n1ete avatar Oct 03 '20 23:10 n1ete

I haven't used iwd myself, but would be happy to review any patches to add support for it. The only requirements are that iwd provides some sort of unique identifier to every network that it knows about, and that it provides a command to output a list of those unique identifiers for any active connections. Ideally it would also provide some sort of dispatcher so that ttoggle could be run whenever a change is made in the network connections, but that isn't required.

The relevant lines in nmtrust are 95-101. Line 95 is getting a list of all active connections from NetworkManager and reading it into an array. Line 98 is counting the total number of connections from NetworkManager. Line 101 is comparing the connections from NetworkManager against the trusted network file to count the number of trusted connections. Those three outputs are all that is needed.

Lines 103-118 are where the decisions are made based on the results from lines 95-101, but they should not have to change for iwd. If the total number of connections from line 98 is 0, the script knows you are offline. If the number of trusted connections from line 101 is 0, the script knows all connections are untrusted. If neither of those cases is true, then it iterates through all the connections from line 98 and checks if any of them are untrusted.

pigmonkey avatar Oct 04 '20 00:10 pigmonkey

Thanks to your explanations a POC was fairly easy to create, but: as far as I know 'iwd' manages only wireless devices and completely strips away unique 'network-uuids' for the user. So for now my few changes are working only for network names (SSID) that are printed out by iwd. So instead of UUIDs in your 'trusted_networks' files I put SSIDs. I didn't look into ttoggle yet, and couldn't find any information online about iwd for an implementation to trigger an action on a network change..... Maybe systemd can be used for triggers? It would be nice to get ethernet devices to work with it as well.... Not quite sure how to implement that for now. Maybe there's another good way to read out network information such as wireless and ethernet connections, so we could get rid of any dependency like iwd and network-manager.
nmtrust could then work on a variety of Linux systems as well..... Let me hear what you think.... ;)

n1ete avatar Oct 04 '20 11:10 n1ete

I'm a little nervous about using just the SSID since they are not unique. You may have a trusted network with a generic name like home. But if you connect to a different network named home at a friend's house, you don't necessarily want to trust it just because it has the same name.

I believe NetworkManager determines a network's uniqueness based on a combination of SSID, the credentials used for successful authentication, and any other configuration settings used like dynamic vs static IP.

networkd-dispatcher looks like it would work for triggering actions when the network goes up or down.

pigmonkey avatar Oct 04 '20 17:10 pigmonkey

Exactly. For my purpose it would be enough, but this solution is not ready for nmtrust yet. So I need to find out how iwd distinguishes networks from each other if the SSIDs are the same. Ideally I could check the SSID in combination with the MAC address or create a unique number from both values. For now I couldn't find any information on how iwd handles networks if you have two SSIDs with the same name. Need to do more research on this.

n1ete avatar Oct 04 '20 18:10 n1ete
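
An added example, not part of the thread and not nmtrust's own code: the three-output decision described in the first reply, written so the connection identifier is an opaque string, then run against a second network named `home` to show why an SSID-only trust file matches it while the SSID plus MAC address combination suggested in the last comment does not. The state names, the `SSID|BSSID` format, and all sample values are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: not nmtrust's code. State names and the "SSID|BSSID"
# identifier format are assumptions made for illustration.

# classify_connections TRUSTED_FILE [ID...]
# IDs are opaque strings, one per active connection, however they were
# obtained (a NetworkManager UUID, or something built from iwd's output).
classify_connections() {
    local trusted_file="$1" trusted=0 id
    shift
    local total=$#
    for id in "$@"; do
        # -F: no regex, -x: whole line must match, so "home" != "home2"
        if grep -Fxq -- "$id" "$trusted_file"; then
            trusted=$((trusted + 1))
        fi
    done
    if [ "$total" -eq 0 ]; then
        echo offline
    elif [ "$trusted" -eq 0 ]; then
        echo all-untrusted
    elif [ "$trusted" -eq "$total" ]; then
        echo all-trusted
    else
        echo mixed
    fi
}

demo() {
    local dir
    dir=$(mktemp -d)
    # Constructed sample data; BSSIDs use the locally administered 02: prefix.
    printf '%s\n' 'home' > "$dir/by_ssid"
    printf '%s\n' 'home|02:00:00:aa:bb:01' > "$dir/by_ssid_bssid"
    # A different access point that also calls itself "home".
    local other_ssid='home' other_bssid='02:00:00:cc:dd:02'
    echo "SSID only:  $(classify_connections "$dir/by_ssid" "$other_ssid")"
    echo "SSID+BSSID: $(classify_connections "$dir/by_ssid_bssid" "$other_ssid|$other_bssid")"
    rm -rf "$dir"
}

demo
```
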