fdns and network namespaces

[Archer2011]

Is it possible to use fdns and a network namespace? I tried but it didn't work

[rusty-snake]

You mean ip netns exec foobar fdns?

[Archer2011]

You mean ip netns exec foobar fdns?

sudo fdns firejail --noprofile --net=wifi0 --dns=127.1.1.1 /usr/bin/firefox

[rusty-snake]

The new netns will have it's own loopback interface, so this don't work.

What you can do, is to create a new named-netns, run fdns in it and use --netns.

[Archer2011]

The new netns will have it's own loopback interface, so this don't work.

What you can do, is to create a new named-netns, run fdns in it and use --netns.

Thank you very much. I got it working, those were the steps:

sudo ip netns add myspace
sudo ip link add veth01 type veth peer name veth11
sudo ip link set veth11 netns myspace
sudo ifconfig veth01 192.168.42.1 netmask 255.255.255.0 up
sudo ip netns exec myspace ifconfig veth11 192.168.42.2 netmask 255.255.255.0 up
sudo ip netns exec myspace ifconfig lo up
sudo ip netns exec myspace route add default gw 192.168.42.1

sudo iptables -t nat -A POSTROUTING -s 192.168.42.0/24 -o wifi0 -j MASQUERADE
sudo iptables -A FORWARD -i wifi0 -o veth01 -j ACCEPT
sudo iptables -A FORWARD -o wifi0 -i veth01 -j ACCEPT

sudo ip netns exec myspace fdns

firejail --profile=/etc/firejail/firefox.profile --netns=myspace --dns=127.1.1.1 /opt/firefox/firefox

Source: https://hintcafe.net/post/78293519027/running-a-process-inside-a-network-namespace https://web.archive.org/web/20220328075635/https://hintcafe.net/post/78293519027/running-a-process-inside-a-network-namespace