diff options
author | netblue30 <netblue30@yahoo.com> | 2017-11-18 08:39:02 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-11-18 08:39:02 -0500 |
commit | ead4ec3089b97eda1b438da248caf76f169345ad (patch) | |
tree | 31bc22bcba4e6530b5f0daba3f332702efa7a4b9 /README.md | |
parent | Consistent home directory nomenclature (diff) | |
download | firejail-ead4ec3089b97eda1b438da248caf76f169345ad.tar.gz firejail-ead4ec3089b97eda1b438da248caf76f169345ad.tar.zst firejail-ead4ec3089b97eda1b438da248caf76f169345ad.zip |
netfilter template support
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 13 |
1 files changed, 11 insertions, 2 deletions
@@ -210,18 +210,27 @@ $ | |||
210 | --debug-private-lib | 210 | --debug-private-lib |
211 | Debug messages for --private-lib option. | 211 | Debug messages for --private-lib option. |
212 | 212 | ||
213 | --netfilter=filename,arg1,arg2,arg3 ... | ||
214 | This is the template version of the previous command. $ARG1, | ||
215 | $ARG2, $ARG3 ... in the firewall script are replaced with arg1, | ||
216 | arg2, arg3 ... passed on the command line. Up to 16 arguments | ||
217 | are supported. Example: | ||
218 | |||
219 | $ firejail --net=eth0 --ip=192.168.1.105 \ | ||
220 | --netfilter=/etc/firejail/tcpserver.net,5001 server-program | ||
221 | |||
213 | --netfilter.print=name|pid | 222 | --netfilter.print=name|pid |
214 | Print the firewall installed in the sandbox specified by name | 223 | Print the firewall installed in the sandbox specified by name |
215 | or PID. Example: | 224 | or PID. Example: |
216 | 225 | ||
217 | $ firejail --net=browser --net=eth0 --netfilter firefox & | 226 | $ firejail --name=browser --net=eth0 --netfilter firefox & |
218 | $ firejail --netfilter.print=browser | 227 | $ firejail --netfilter.print=browser |
219 | 228 | ||
220 | --netfilter6.print=name|pid | 229 | --netfilter6.print=name|pid |
221 | Print the IPv6 firewall installed in the sandbox specified by | 230 | Print the IPv6 firewall installed in the sandbox specified by |
222 | name or PID. Example: | 231 | name or PID. Example: |
223 | 232 | ||
224 | $ firejail --net=browser --net=eth0 --netfilter firefox & | 233 | $ firejail --name=browser --net=eth0 --netfilter firefox & |
225 | $ firejail --netfilter6.print=browser | 234 | $ firejail --netfilter6.print=browser |
226 | 235 | ||
227 | ````` | 236 | ````` |