Instantly share code, notes, and snippets.

Embed
What would you like to do?
In Ubuntu 16.04, randomize WiFi MAC addresses with a daily rotation - /etc/NetworkManager/dispatcher.d/pre-up.d/randomize-mac-addresses.sh
#!/bin/sh
# /etc/NetworkManager/dispatcher.d/pre-up.d/randomize-mac-addresses.sh
# INSTALL
#
# > curl -L 'https://gist.github.com/paulfurley/46e0547ce5c5ea7eabeaef50dbacef3f/raw/56ee5dd5f40dec93b8f7438cbdeda5475ea3b5d2/randomize-mac-addresses.sh' |sudo tee /etc/NetworkManager/dispatcher.d/pre-up.d/randomize-mac-addresses.sh
# > sudo chmod +x /etc/NetworkManager/dispatcher.d/pre-up.d/randomize-mac-addresses.sh
# Configure every saved WiFi connection in NetworkManager with a spoofed MAC
# address, seeded from the UUID of the connection and the date eg:
# 'c31bbcc4-d6ad-11e7-9a5a-e7e1491a7e20-2017-11-20'
# This makes your MAC impossible(?) to track across WiFi providers, and
# for one provider to track across days.
# For craptive portals that authenticate based on MAC, you might want to
# automate logging in :)
# Note that NetworkManager >= 1.4.1 (Ubuntu 17.04+) can do something similar
# automatically.
# See https://www.paulfurley.com/randomize-your-wifi-mac-address-on-ubuntu-1604-xenial/
export PATH=$PATH:/usr/bin:/bin
LOG_FILE=/var/log/randomize-mac-addresses
echo "$(date): $*" > ${LOG_FILE}
WIFI_UUIDS=$(nmcli --fields type,uuid connection show |grep 802-11-wireless |cut '-d ' -f3)
for UUID in ${WIFI_UUIDS}
do
UUID_DAILY_HASH=$(echo "${UUID}-$(date +%F)" | md5sum)
RANDOM_MAC="02:$(echo -n ${UUID_DAILY_HASH} | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5/')"
CMD="nmcli connection modify ${UUID} wifi.cloned-mac-address ${RANDOM_MAC}"
echo "$CMD" >> ${LOG_FILE}
$CMD &
done
wait
@gregorianzhang

This comment has been minimized.

gregorianzhang commented Dec 4, 2017

date +F

date +%F

@Mikadily

This comment has been minimized.

Mikadily commented Dec 7, 2017

I like this better than the NetworkManager approach for Ubuntu 17+, wondering why it wouldn't work on my Ubuntu 17.10

@no1xsyzy

This comment has been minimized.

no1xsyzy commented Dec 13, 2017

@Mikadily Have you checked the log file at /var/log/randomize-mac-addresses? How does it say?

@kinggrowler

This comment has been minimized.

kinggrowler commented Apr 30, 2018

Thoughts on being able to exclude certain networks, based on UUID? For example, I prefer keeping the same MAC for both my home and work wifi.

The approach I took was to change the UUID of all these "excluded networks" to have the same leading 8 characters. This way the UUIDs are all still different but I can exclude any network by simply changing the UUID in /etc/NetworkManager/system-connections/<network_name> to begin with these 8 characters.

As an example, here is the modified code, excluding comments and blank lines:

#!/usr/bin/env bash
export PATH=$PATH:/usr/bin:/bin
LOG_FILE=/var/log/randomize-mac-addresses
echo "$(date): $*" > ${LOG_FILE}
WIFI_UUIDS=$(nmcli --fields type,uuid connection show |grep 802-11-wireless |cut '-d ' -f3)
EXCLUDE_UUID="exclude1"
for UUID in ${WIFI_UUIDS}
do
  if [[ "${UUID%%-*}" != "${EXCLUDE_UUID}" ]]; then
    UUID_DAILY_HASH=$(echo "${UUID}-$(date +%F)" | md5sum)
    RANDOM_MAC="02:$(echo -n ${UUID_DAILY_HASH} | sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/\1:\2:\3:\4:\5/')"
    CMD="nmcli connection modify ${UUID} wifi.cloned-mac-address ${RANDOM_MAC}"
    echo "$CMD" >> ${LOG_FILE}
    $CMD &
  fi
done
wait

An example of a UUID that would keep its default MAC address could be:

exclude1-c816-43f3-802e-9916c0ea9c7c
(Naturally, "exclude1" can be any 8 characters you prefer....)

There are probably better ways to do this but I'm curious what others think of the underlying idea. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment