diff options
| author |  netblue30 <netblue30@protonmail.com> | 2022-10-23 07:38:29 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@protonmail.com> | 2022-10-23 07:38:29 -0400 |
| commit | a0985a135392c0776d45cf8e27ebf15bc7fff198 (patch) | |
| tree | f796ca075c61e103abfd54c01872655c9610e8dc /README.md | |
| parent | Merge branch 'master' of ssh://github.com/netblue30/firejail (diff) | |
| download | firejail-a0985a135392c0776d45cf8e27ebf15bc7fff198.tar.gz firejail-a0985a135392c0776d45cf8e27ebf15bc7fff198.tar.zst firejail-a0985a135392c0776d45cf8e27ebf15bc7fff198.zip | |
dnstrace and snitrace
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 52 |
1 files changed, 52 insertions, 0 deletions
| @@ -221,6 +221,58 @@ Milestone page: https://github.com/netblue30/firejail/milestone/1 | |||
| 221 | kernel. For more information, please see APPARMOR section be‐ | 221 | kernel. For more information, please see APPARMOR section be‐ |
| 222 | ````` | 222 | ````` |
| 223 | 223 | ||
| 224 | ### dnstrace | ||
| 225 | ````` | ||
| 226 | --dnstrace[=name|pid] | ||
| 227 | Monitor DNS queries. The sandbox can be specified by name or | ||
| 228 | pid. Only networked sandboxes created with --net are supported. | ||
| 229 | This option is only available when running the sandbox as root. | ||
| 230 | |||
| 231 | Without a name/pid, Firejail will monitor the main system net‐ | ||
| 232 | work namespace. | ||
| 233 | |||
| 234 | $ sudo firejail --dnstrace=browser | ||
| 235 | 11:31:43 9.9.9.9 linux.com (type 1) | ||
| 236 | 11:31:45 9.9.9.9 fonts.googleapis.com (type 1) NXDOMAIN | ||
| 237 | 11:31:45 9.9.9.9 js.hs-scripts.com (type 1) NXDOMAIN | ||
| 238 | 11:31:45 9.9.9.9 www.linux.com (type 1) | ||
| 239 | 11:31:45 9.9.9.9 fonts.googleapis.com (type 1) NXDOMAIN | ||
| 240 | 11:31:52 9.9.9.9 js.hs-scripts.com (type 1) NXDOMAIN | ||
| 241 | 11:32:05 9.9.9.9 secure.gravatar.com (type 1) | ||
| 242 | 11:32:06 9.9.9.9 secure.gravatar.com (type 1) | ||
| 243 | 11:32:08 9.9.9.9 taikai.network (type 1) | ||
| 244 | 11:32:08 9.9.9.9 cdn.jsdelivr.net (type 1) | ||
| 245 | 11:32:08 9.9.9.9 taikai.azureedge.net (type 1) | ||
| 246 | 11:32:08 9.9.9.9 www.youtube.com (type 1) | ||
| 247 | ````` | ||
| 248 | |||
| 249 | ### snitrace | ||
| 250 | ````` | ||
| 251 | --snitrace[=name|pid] | ||
| 252 | Monitor Server Name Indication (TLS/SNI). The sandbox can be | ||
| 253 | specified by name or pid. Only networked sandboxes created with | ||
| 254 | --net are supported. This option is only available when running | ||
| 255 | the sandbox as root. | ||
| 256 | |||
| 257 | Without a name/pid, Firejail will monitor the main system net‐ | ||
| 258 | work namespace. | ||
| 259 | |||
| 260 | $ sudo firejail --snitrace=browser | ||
| 261 | 07:49:51 23.185.0.3 linux.com | ||
| 262 | 07:49:51 23.185.0.3 www.linux.com | ||
| 263 | 07:50:05 192.0.73.2 secure.gravatar.com | ||
| 264 | 07:52:35 172.67.68.93 www.howtoforge.com | ||
| 265 | 07:52:37 13.225.103.59 sf.ezoiccdn.com | ||
| 266 | 07:52:42 142.250.176.3 www.gstatic.com | ||
| 267 | 07:53:03 173.236.250.32 www.linuxlinks.com | ||
| 268 | 07:53:05 192.0.77.37 c0.wp.com | ||
| 269 | 07:53:08 192.0.78.32 jetpack.wordpress.com | ||
| 270 | 07:53:09 192.0.77.32 s0.wp.com | ||
| 271 | 07:53:09 192.0.77.2 i0.wp.com | ||
| 272 | 07:53:10 192.0.77.2 i0.wp.com | ||
| 273 | 07:53:11 192.0.73.2 1.gravatar.com | ||
| 274 | ````` | ||
| 275 | |||
| 224 | ### Profile Statistics | 276 | ### Profile Statistics |
| 225 | 277 | ||
| 226 | A small tool to print profile statistics. Compile and install as usual. The tool is installed in /usr/lib/firejail directory. | 278 | A small tool to print profile statistics. Compile and install as usual. The tool is installed in /usr/lib/firejail directory. |