===== DeltaShaper as a Datalink layer connection =====

DeltaShaper can be used to establish a data link layer connection, provided that L3 packets, rather than application protocols, are relayed through the covert video channel. To this end, it would be useful if single applications could be isolated in a given network environment, where the packets generated by the application are routed to DeltaShaper instead of the default network interface.

===== Creating the Datalink layer connection =====

==== Linux Network Namespaces ====

An abridged definition (from [[http://lwn.net/Articles/580893/|LWN]]):

Network namespaces partition the use of the network (devices, addresses, ports, routes, firewall rules, etc.) into separate boxes, essentially virtualizing the network within a single running kernel instance. Container implementations also use network namespaces to give each container its own view of the network, untrammeled by processes outside of the container.

=== Network namespace creation ===

The following commands create a network namespace, associating a virtual NIC deployed in the container **(veth1)** with another virtual NIC deployed in the host namespace **(veth0)**. All traffic from the NIC inside the container is re-routed to the host machine. We are able to retrieve packets sent by veth1 by inspecting veth0, and to inject packets into veth0 which will be delivered to veth1.
<code bash>
# create the namespace and the veth pair; veth1 is moved into the namespace
ip netns add TEST
ip link add veth0 type veth peer name veth1
ip link set dev veth1 netns TEST

# bring both ends up
ip link set dev veth0 up
ip netns exec TEST ip link set dev veth1 up

# address the namespace side and tell the host how to reach it
ip netns exec TEST ip addr add 10.10.10.10/32 dev veth1
ip route add 10.10.10.10/32 dev veth0

# routes inside the namespace: the peer address and a default gateway
# (the gateway must already be reachable through a route in the namespace,
# otherwise the kernel rejects it with "Network is unreachable")
ip netns exec TEST ip route add 192.168.1.3/32 dev veth1
ip netns exec TEST route add default gw 146.193.41.242

# address the host side of the pair
ip addr add 10.10.10.11/32 dev veth0
</code>

Run the browser inside the network container:

<code bash>
ip netns exec TEST firefox
</code>

Useful Links:

  * http://lwn.net/Articles/580893/
  * http://serverfault.com/questions/662699/how-to-configure-a-linux-network-namespace-that-allows-udp-broadcast
  * http://unix.stackexchange.com/questions/266114/how-can-i-constrain-a-user-application-to-always-run-in-a-particular-network-nam
  * http://unix.stackexchange.com/questions/210982/bind-unix-program-to-specific-network-interface

NetNS Manipulation w/Python: http://docs.pyroute2.org/netns.html

Python NIC sniffer: https://github.com/anshulbehl/pycon_sniffer
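The capture-and-inject step on the host side of the veth pair, as an added example that is not part of DeltaShaper or of this page: frames read from veth0 are parsed, only well-formed IPv4 packets whose source is the namespace address are kept for relaying (ARP, IPv6 and frames with a bad header checksum are dropped), and an IPv4 packet coming back out of the covert channel is wrapped in an Ethernet frame for injection into veth0. The function names, the sample payload and the MAC addresses are constructed for the example; the namespace address 10.10.10.10 is the one configured above.

```python
"""Helpers for relaying L3 packets across a veth pair (hypothetical example code)."""
import socket
import struct
from typing import Optional

ETH_P_ALL = 0x0003      # capture every ethertype
ETH_P_IP = 0x0800       # IPv4
ETH_HDR_LEN = 14


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum over an IPv4 header.
    Returns the checksum to store when the checksum field is zero,
    and returns 0 when run over a header whose checksum is already valid."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_frame(frame: bytes) -> Optional[dict]:
    """Extract the IPv4 packet carried by an Ethernet frame captured on veth0.
    Returns None for anything that should not be relayed."""
    if len(frame) < ETH_HDR_LEN + 20:
        return None
    _dst_mac, _src_mac, ethertype = struct.unpack("!6s6sH", frame[:ETH_HDR_LEN])
    if ethertype != ETH_P_IP:
        return None                      # ARP, IPv6, ... are not L3 traffic we relay
    packet = frame[ETH_HDR_LEN:]
    if packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        return None
    total_len = struct.unpack("!H", packet[2:4])[0]
    if total_len < ihl or total_len > len(packet):
        return None
    # a corrupted header is dropped here rather than pushed through the channel
    if ipv4_checksum(packet[:ihl]) != 0:
        return None
    return {
        "src": socket.inet_ntoa(packet[12:16]),
        "dst": socket.inet_ntoa(packet[16:20]),
        "proto": packet[9],
        "packet": packet[:total_len],    # trailing padding is stripped
    }


def should_relay(info: Optional[dict], namespace_addr: str) -> bool:
    """Only packets originating from the namespace side (veth1) go into the channel."""
    return info is not None and info["src"] == namespace_addr


def build_ipv4_packet(src: str, dst: str, proto: int, payload: bytes,
                      ttl: int = 64, ident: int = 0) -> bytes:
    """Assemble a minimal IPv4 packet (no options) with a correct header checksum."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0,
                         ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    checksum = ipv4_checksum(header)
    return header[:10] + struct.pack("!H", checksum) + header[12:] + payload


def build_frame(dst_mac: bytes, src_mac: bytes, packet: bytes) -> bytes:
    """Wrap an IPv4 packet for injection into veth0; it is delivered to veth1."""
    return struct.pack("!6s6sH", dst_mac, src_mac, ETH_P_IP) + packet


def open_packet_socket(ifname: str) -> socket.socket:
    """Linux-only raw socket bound to one interface (needs CAP_NET_RAW).
    Read frames with recv() and inject them with send()."""
    sock = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(ETH_P_ALL))
    sock.bind((ifname, 0))
    return sock


if __name__ == "__main__":
    # constructed sample: a UDP packet from the namespace address to the peer address
    sample = build_frame(b"\xaa" * 6, b"\xbb" * 6,
                         build_ipv4_packet("10.10.10.10", "192.168.1.3", 17, b"hello"))
    print(parse_frame(sample))
```

On a live system the loop is `frame = sock.recv(65535)` on the veth0 socket, `parse_frame` plus `should_relay` to decide what enters the covert channel, and `sock.send(build_frame(...))` for packets coming back, with the destination MAC set to veth1's address so the namespace accepts the frame.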