diff options
author | netblue30 <netblue30@yahoo.com> | 2018-07-11 06:42:59 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2018-07-11 06:42:59 -0400 |
commit | 261d08d394559a05d804a76e52183f6e26d871f5 (patch) | |
tree | 0f17c4d61ad92290863590ed4347c5e14729eb20 /README.md | |
parent | Add documentation for keep-dev-shm option (diff) | |
download | firejail-261d08d394559a05d804a76e52183f6e26d871f5.tar.gz firejail-261d08d394559a05d804a76e52183f6e26d871f5.tar.zst firejail-261d08d394559a05d804a76e52183f6e26d871f5.zip |
tunneling support - tap interface in --net option
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 19 |
1 files changed, 18 insertions, 1 deletions
@@ -118,6 +118,17 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe | |||
118 | $ firejail --net=eth0 --ip=192.168.1.80 --dns=8.8.8.8 firefox | 118 | $ firejail --net=eth0 --ip=192.168.1.80 --dns=8.8.8.8 firefox |
119 | $ firejail --net=wlan0 firefox | 119 | $ firejail --net=wlan0 firefox |
120 | 120 | ||
121 | --net=tap_interface | ||
122 | Enable a new network namespace and connect it to this ethernet | ||
123 | tap interface using the standard Linux macvlan driver. If the | ||
124 | tap interface is not configured, the sandbox will not try to | ||
125 | configure the interface inside the sandbox. Please use --ip, | ||
126 | --netmask and --defaultgw to specify the configuration. | ||
127 | |||
128 | Example: | ||
129 | $ firejail --net=tap0 --ip=10.10.20.80 --netmask=255.255.255.0 | ||
130 | --defaultgw=10.10.20.1 firefox | ||
131 | |||
121 | --netmask=address | 132 | --netmask=address |
122 | Use this option when you want to assign an IP address in a new | 133 | Use this option when you want to assign an IP address in a new |
123 | namespace and the parent interface specified by --net is not | 134 | namespace and the parent interface specified by --net is not |
@@ -131,7 +142,13 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe | |||
131 | $ firejail --ip=10.10.20.67 --netmask=255.255.255.0 | 142 | $ firejail --ip=10.10.20.67 --netmask=255.255.255.0 |
132 | --defaultgw=10.10.20.1 | 143 | --defaultgw=10.10.20.1 |
133 | 144 | ||
134 | --nou2f | 145 | --keep-dev-shm |
146 | /dev/shm directory is untouched (even with --private-dev) | ||
147 | |||
148 | Example: | ||
149 | $ firejail --keep-dev-shm --private-dev | ||
150 | |||
151 | --nou2f | ||
135 | Disable U2F devices. | 152 | Disable U2F devices. |
136 | 153 | ||
137 | Example: | 154 | Example: |