Route Network Interface To Specific Application

firejail

dante

proxychains-ng

networking

app isolation

wifi

installation

Discover how to route network interfaces to specific apps using Firejail or Dante and Proxychains-ng, while preventing dual WiFi connections. The guide offers step-by-step instructions for installation, configuration, and usage.

Published

June 3, 2024

It is not advised to do so with dual WiFi connections, which is a pain in the ass in daily usage (only one of them will be used at a time).

Ethernet and WiFi dual connections seem fine with firejail but failed with dante.

Use firejail

sudo firejail --net=wlan0 --ip=dhcp --noprofile <program cmd>

Use dante and proxychains-ng

sudo apt install dante-server proxychains-ng

Now edit the dante config file at /etc/dante.conf:

internal: eth0 port = 1080
external: wlan0
socksmethod: username
user.privileged: root
user.unprivileged: nobody
user.libwrap: nobody
client pass {
from: 0/0 to: 0/0
}
socks pass {
from: 0/0 to: 0/0
}

Run the daemon by:

danted

Find the [ProxyList] section and add the following line in /etc/proxychains.conf:

socks5 127.0.0.1 1080 root <root_password>

Run the program with proxychains-ng:

proxychains <program cmd>

You can test your configuration like:

curl -x socks5://root:root@127.0.0.1:1080 https://www.baidu.com

If you run danted like systemctl start danted, you can configure a separate user for authentication. You have to change /etc/danted.conf and /etc/proxychains.conf accordingly.

sudo useradd -r -s /bin/false your_dante_user
sudo passwd your_dante_user