diff options
author | netblue30 <netblue30@yahoo.com> | 2019-01-09 08:26:46 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2019-01-09 08:26:46 -0500 |
commit | 314dde5d94b0c14dd5bb8a3eda1435b64e007a4b (patch) | |
tree | fa98c339da1dff3f46105043917bc015290fd3ae | |
parent | test caps join (diff) | |
download | firejail-314dde5d94b0c14dd5bb8a3eda1435b64e007a4b.tar.gz firejail-314dde5d94b0c14dd5bb8a3eda1435b64e007a4b.tar.zst firejail-314dde5d94b0c14dd5bb8a3eda1435b64e007a4b.zip |
fix netfilter-default functionality in /etc/firejail/firejail.config
-rw-r--r-- | src/firejail/netfilter.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/firejail/netfilter.c b/src/firejail/netfilter.c index ed2d019ab..22c8392a0 100644 --- a/src/firejail/netfilter.c +++ b/src/firejail/netfilter.c | |||
@@ -69,8 +69,12 @@ void netfilter(const char *fname) { | |||
69 | if (set_perms(SBOX_STDIN_FILE, getuid(), getgid(), 0644)) | 69 | if (set_perms(SBOX_STDIN_FILE, getuid(), getgid(), 0644)) |
70 | errExit("set_perms"); | 70 | errExit("set_perms"); |
71 | 71 | ||
72 | if (fname == NULL) | 72 | if (fname == NULL) { |
73 | sbox_run(SBOX_USER| SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FNETFILTER, SBOX_STDIN_FILE); | 73 | if (netfilter_default) |
74 | sbox_run(SBOX_USER| SBOX_CAPS_NONE | SBOX_SECCOMP, 3, PATH_FNETFILTER, netfilter_default, SBOX_STDIN_FILE); | ||
75 | else | ||
76 | sbox_run(SBOX_USER| SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FNETFILTER, SBOX_STDIN_FILE); | ||
77 | } | ||
74 | else | 78 | else |
75 | sbox_run(SBOX_USER| SBOX_CAPS_NONE | SBOX_SECCOMP, 3, PATH_FNETFILTER, fname, SBOX_STDIN_FILE); | 79 | sbox_run(SBOX_USER| SBOX_CAPS_NONE | SBOX_SECCOMP, 3, PATH_FNETFILTER, fname, SBOX_STDIN_FILE); |
76 | 80 | ||