Restrict the list of available Ethernet/TAP adapters. Fixes #352.

conf/gns3_server.conf

@@ -39,6 +39,9 @@ user = gns3
 ; Password for HTTP authentication.
 password = gns3
 
+; Only allow these interfaces to be used by GNS3, for the Cloud node for example (Linux/OSX only)
+allowed_interfaces = eth0,eth1
+
 [VPCS]
 ; VPCS executable location, default: search in PATH
 ;vpcs_path = vpcs

gns3server/compute/builtin/nodes/cloud.py

@@ -110,7 +110,7 @@ class Cloud(BaseNode):
 
         if ports != self._ports_mapping:
             if len(self._nios) > 0:
-                raise NodeError("Can't modify a cloud that is already connected.")
+                raise NodeError("Cannot modify a cloud that is already connected.")
 
             port_number = 0
             for port in ports:

gns3server/utils/interfaces.py

@@ -23,6 +23,8 @@ import socket
 import struct
 import psutil
 
+from gns3server.config import Config
+
 if psutil.version_info < (3, 0, 0):
     raise Exception("psutil version should >= 3.0.0. If you are under Ubuntu/Debian install gns3 via apt instead of pip")
 
@@ -198,8 +200,14 @@ def interfaces():
 
     results = []
     if not sys.platform.startswith("win"):
+        allowed_interfaces = Config.instance().get_section_config("Server").get("allowed_interfaces", None)
+        if allowed_interfaces:
+            allowed_interfaces = allowed_interfaces.split(',')
         net_if_addrs = psutil.net_if_addrs()
         for interface in sorted(net_if_addrs.keys()):
+            if allowed_interfaces and interface not in allowed_interfaces:
+                log.warning("Interface '{}' is not allowed to be used on this server".format(interface))
+                continue
             ip_address = ""
             mac_address = ""
             netmask = ""