Start with network interface disabled on Linux

WisePassion

Member
Joined
May 17, 2020
Messages
35
Reaction score
7
Credits
388
Hello. I am running Arch Linux on a laptop, with systemd as my init system and iwd to manage my Wi-Fi connection. This is my Neofetch output:
Code:
                   -`                    [email protected]
                  .o+`                   -------------------------
                 `ooo/                   OS: Arch Linux x86_64
                `+oooo:                  Host: Inspiron 7773
               `+oooooo:                 Kernel: 5.12.10-hardened1-1-hardened
               -+oooooo+:                Uptime: 8 hours, 23 mins
             `/:-:++oooo+:               Packages: 1206 (pacman)
            `/++++/+++++++:              Shell: zsh 5.8
           `/++++++++++++++:             Resolution: 1920x1080
          `/+++ooooooooooooo/`           WM: awesome
         ./ooosssso++osssssso+`          Theme: Harmony [GTK2], Arc-Dark-Solarized-GTK [GTK3]
        .oossssso-````/ossssss+`         Icons: la-capitaine-icon-theme [GTK2/3]
       -osssssso.      :ssssssso.        Terminal: st
      :osssssss/        osssso+++.       Terminal Font: Hack
     /ossssssss/        +ssssooo/-       CPU: Intel i7-8550U (8) @ 4.000GHz
   `/ossssso+/:-        -:/+osssso+-     GPU: NVIDIA GeForce MX150
  `+sso+:-`                 `.-/+oso:    GPU: Intel UHD Graphics 620
`++:.                           `-/+/   Memory: 2011MiB / 15750MiB
.`                                 `/
Sometimes I plug my laptop into an Ethernet cable i.e. when I'm just using it on my desk at home. When I do this, I notice that I have to manually disable wlan0 once I'm plugged in, or else my network connections will default to going over wlan0. I also like to have the option to spoof my MAC address before wlan0 is enabled in the first place to broadcast my default MAC address.

In order to achieve this, I want to know how to configure my laptop to start with wlan0 disabled by default, and wait until I run sudo ip link set dev wlan0 up before enabling it. I could use a systemd service that disables the wlan0 interface somewhere in the boot process, but that would still allow wlan0 to be enabled by default, before it is disabled, still broadcasting my default identifiers everywhere. How do I configure my computer to never enable wlan0 in the first place upon startup, only waiting until I manually tell it to turn on?

It can be via a systemd service, rfkill, or even grub; I have root access to this laptop so I can do whatever is necessary. I just want to make sure that the interface can be enabled post-boot using a single command, such as sudo ip link set dev wlan0 up.
 


f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
3,883
Reaction score
2,623
Credits
28,051
You can just connect the wireless interface to your wifi using a network manager and than bring it up or down as needed using either the graphical interface or the command-line. You can also configure your network manager to not automatically connect, then you will have to manually connect to your wifi. I use NetworkManager and the setting looks like this.
Code:
connection.autoconnect:                 no
 
Last edited:
OP
W

WisePassion

Member
Joined
May 17, 2020
Messages
35
Reaction score
7
Credits
388
I currently don't use NetworkManager. I tried installing it just to put your option into /etc/NetworkManager/NetworkManager.conf, and it didn't seem to change anything. Also, this option looks like it may work by not disabling the interface, rather just preventing the interface from connecting to an access point, which I already know how to do in iwd, it just doesn't help because not only does my computer still likely send out signals (my use case requires my computer to be invisible to nearby devices by default), but it means that whenever my Wi-Fi gets periodically disconnected, it doesn't automatically try to reconnect. I would like for my computer to automatically try to reconnect instead of disabling Wi-Fi, but I don't want it to do that as soon as it turns on.
 

f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
3,883
Reaction score
2,623
Credits
28,051
I misunderstood you than, yes the only way to prevent it from sending signals is to bring the wireless interface down, right clicking on network applet and uncheck "Enable Wi-Fi" or to use the Fn + key and one of the F keys(top row) with the wireless icon on it to disable it. Some laptops also have a physical switch to disable it or you can bring it down with the command you mentioned in your first post, however I find the ways I mention easier and less time consuming.
 

Lord Boltar

Well-Known Member
Joined
Nov 24, 2020
Messages
984
Reaction score
637
Credits
7,299
network manager does not use iwd by default it uses wpa_supplicant you have to modify the NetworkManger.conf file to use iwd have to add wifi.backend=iwd under [device]

Code:
sudo nano /etc/NetworkManager/conf.d/iwd.conf

[main]
plugins=ifupdown,keyfile

[ifupdown]
managed=false

[device]
wifi.scan-rand-mac-address=no
wifi.backend=iwd (have to add this line here)

then save the file - network manager will now use iwd after reboot
 
OP
W

WisePassion

Member
Joined
May 17, 2020
Messages
35
Reaction score
7
Credits
388
Sorry if this is a necro, it was 15 days after the last post, but I found a solution to my problem after some digging. RFKILL allows me to soft block my phy0 card without disabling my Ethernet access, using sudo rfkill block phy0. RFKILL status is persistent, meaning I can reboot and not worry about my network card saying anything during the boot phase.
Here's the catch, though. It's persistent. I was expecting a solution that made the status of the kill switch volatile, defaulting to off on each boot.
This does solve my problem, however. I can even change my MAC address and other settings with the card still blocked, i.e. sudo ip link set dev wlan0 address 42:3a:34:ac:12:34.
 
OP
W

WisePassion

Member
Joined
May 17, 2020
Messages
35
Reaction score
7
Credits
388
This post was 8 days after the last one. I am at a public Wi-Fi and I realize that having to manually soft-block my network card before powering off, or risk displaying my default MAC address, is kinda a pain. I find comfort in being able to safely power off my computer at any time, without having to manually close anything, so I would still like a solution that would allow the network interface to always start disabled. This means that the interface (or device, doesn't matter) would never turn on anywhere in the boot process, and would only turn on when a single command is run, whatever that command may be.
 

f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
3,883
Reaction score
2,623
Credits
28,051
With networkmanagers there should be an option to not automatically connect. I'm using networkmanager and there the option looks like this.
Code:
connection.autoconnect:                 yes
I could set that to no than it would not automatically connect when starting up the system.
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!


Latest posts

Top