Disable all usb except edimax dongle (7811Un)

Question

I am using raspberry pi 3 and edimax Wi-Fi dongle. I have some rules defined inside /etc/udev/rules.d/99-com.rules like what to do when edimax wifi dongle is connected/disconnected

Vendor id I obtained after running lsusb is as below

Bus 001 Device 004: ID 7392:7811 Edimax Technology Co., Ltd EW-7811Un 802.11n Wireless Adapter [Realtek RTL8188CUS]

Accordingly I added the below rules

KERNELS=="[1-9]*-[0-9]*", SUBSYSTEMS=="usb", ACTION=="add", ATTRS{idVendor}=="7392", RUN+="/home/pi/dongleon.sh &"
KERNELS=="[1-9]*-[0-9]*", SUBSYSTEMS=="usb", ACTION=="remove", ATTRS{idVendor}=="7392", RUN+="/home/pi/dongleoff.sh &"

Now I don't want any other USB plugged into raspberry pi ports to work. I want to allow only edimax Wi-Fi dongle and block all other usb devices.

Can some one please let me know how to achieve this.

isn't the ethernet port on the USB bus? – user2497 Oct 19 '19 at 17:01 — user2497, Oct 19 '19 at 17:01

score 1 · Answer 1 · answered Apr 03 '18 at 07:51

Check out this guide and this answer on Unix SE.

First, add a rule to disable all USB devices by default:

ACTION=="add", SUBSYSTEMS=="usb", RUN+="/bin/sh -c 'for host in /sys/bus/usb/devices/usb*; do echo 0 > $host/authorized_default; done'"

Then, add a rule to enable that particular dongle by vendor ID:

ACTION=="add", ATTR{idVendor}=="7392" RUN+="/bin/sh -c 'echo 1 >/sys$DEVPATH/authorized'"

You should also keep the rules you have if you need to run custom scripts when the dongle is plugged in.

Disable all usb except edimax dongle (7811Un)

1 Answers1

Linked