diff options
author | netblue30 <netblue30@yahoo.com> | 2016-07-28 10:54:05 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-07-28 10:54:05 -0400 |
commit | 340a6b2eeb010367180e530af976810c9d762580 (patch) | |
tree | 7c264554e4ef98d7c7fdcc876f253e0af7eac392 /etc/firejail.config | |
parent | whitelist fix (diff) | |
download | firejail-340a6b2eeb010367180e530af976810c9d762580.tar.gz firejail-340a6b2eeb010367180e530af976810c9d762580.tar.zst firejail-340a6b2eeb010367180e530af976810c9d762580.zip |
added netfilter-default config option in /etc/firejail/firejail.config
Diffstat (limited to 'etc/firejail.config')
-rw-r--r-- | etc/firejail.config | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/etc/firejail.config b/etc/firejail.config index 59bbd77a5..20c4d7a5f 100644 --- a/etc/firejail.config +++ b/etc/firejail.config | |||
@@ -27,6 +27,13 @@ | |||
27 | # --netfilter only to root user. Regular users are only allowed --net=none. | 27 | # --netfilter only to root user. Regular users are only allowed --net=none. |
28 | # restricted-network no | 28 | # restricted-network no |
29 | 29 | ||
30 | # Change default netfilter configuration. When using --netfilter option without | ||
31 | # a file argument, the default filter is hardcoded (see man 1 firejail). This | ||
32 | # configuration entry allows the user to change the default by specifying | ||
33 | # a file containing the filter configuration. The filter file format is the | ||
34 | # format of iptables-save and iptable-restore commands. Example: | ||
35 | # netfilter-default /etc/iptables.iptables.rules | ||
36 | |||
30 | # Enable or disable seccomp support, default enabled. | 37 | # Enable or disable seccomp support, default enabled. |
31 | # seccomp yes | 38 | # seccomp yes |
32 | 39 | ||