diff options
| author |  netblue30 <netblue30@protonmail.com> | 2022-10-11 11:01:01 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@protonmail.com> | 2022-10-11 11:01:01 -0400 |
| commit | 95a725b61cd9b96cacb73ecef254db9860afb38d (patch) | |
| tree | 22ebde6bd6a092e5741321518c6579dc32ad0105 /src/man | |
| parent | build(deps): bump actions/checkout from 3.0.2 to 3.1.0 (diff) | |
| download | firejail-95a725b61cd9b96cacb73ecef254db9860afb38d.tar.gz firejail-95a725b61cd9b96cacb73ecef254db9860afb38d.tar.zst firejail-95a725b61cd9b96cacb73ecef254db9860afb38d.zip | |
nettrace-dns and nettrace-sni
Diffstat (limited to 'src/man')
| -rw-r--r-- | src/man/firejail.txt | 86 |
1 files changed, 80 insertions, 6 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 82eea3977..3b743386e 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
| @@ -1548,7 +1548,7 @@ PID User RX(KB/s) TX(KB/s) Command | |||
| 1548 | 7383 netblue 9.045 0.112 firejail \-\-net=eth0 transmission | 1548 | 7383 netblue 9.045 0.112 firejail \-\-net=eth0 transmission |
| 1549 | .TP | 1549 | .TP |
| 1550 | \fB\-\-nettrace[=name|pid] | 1550 | \fB\-\-nettrace[=name|pid] |
| 1551 | Monitor TCP and UDP traffic coming into the sandbox specified by name or pid. Only networked sandboxes | 1551 | Monitor received TCP. UDP, and ICMP traffic. The sandbox can be specified by name or pid. Only networked sandboxes |
| 1552 | created with \-\-net are supported. This option is only available when running the sandbox as root. | 1552 | created with \-\-net are supported. This option is only available when running the sandbox as root. |
| 1553 | .br | 1553 | .br |
| 1554 | 1554 | ||
| @@ -1557,9 +1557,7 @@ Without a name/pid, Firejail will monitor the main system network namespace. | |||
| 1557 | .br | 1557 | .br |
| 1558 | 1558 | ||
| 1559 | .br | 1559 | .br |
| 1560 | $ sudo firejail --nettrace=browser | 1560 | $ sudo firejail --nettrace=browser |
| 1561 | .br | ||
| 1562 | |||
| 1563 | .br | 1561 | .br |
| 1564 | 95 KB/s geoip 457, IP database 4436 | 1562 | 95 KB/s geoip 457, IP database 4436 |
| 1565 | .br | 1563 | .br |
| @@ -1576,10 +1574,86 @@ Without a name/pid, Firejail will monitor the main system network namespace. | |||
| 1576 | 1574 | ||
| 1577 | .br | 1575 | .br |
| 1578 | If /usr/bin/geoiplookup is installed (geoip-bin package in Debian), | 1576 | If /usr/bin/geoiplookup is installed (geoip-bin package in Debian), |
| 1579 | the country the IP address originates from is added to the trace. | 1577 | the country the traffic originates from is added to the trace. |
| 1580 | We also use the static IP map in /etc/firejail/hostnames | 1578 | We also use the static IP map in /usr/lib/firejail/static-ip-map |
| 1581 | to print the domain names for some of the more common websites and cloud platforms. | 1579 | to print the domain names for some of the more common websites and cloud platforms. |
| 1582 | No external services are contacted for reverse IP lookup. | 1580 | No external services are contacted for reverse IP lookup. |
| 1581 | .TP | ||
| 1582 | \fB\-\-nettrace-dns[=name|pid] | ||
| 1583 | Monitor DNS queries. The sandbox can be specified by name or pid. Only networked sandboxes | ||
| 1584 | created with \-\-net are supported. This option is only available when running the sandbox as root. | ||
| 1585 | .br | ||
| 1586 | |||
| 1587 | .br | ||
| 1588 | Without a name/pid, Firejail will monitor the main system network namespace. | ||
| 1589 | .br | ||
| 1590 | |||
| 1591 | .br | ||
| 1592 | $ sudo firejail --nettrace-dns=browser | ||
| 1593 | .br | ||
| 1594 | 11:31:43 9.9.9.9 linux.com (type 1) | ||
| 1595 | .br | ||
| 1596 | 11:31:45 9.9.9.9 fonts.googleapis.com (type 1) NXDOMAIN | ||
| 1597 | .br | ||
| 1598 | 11:31:45 9.9.9.9 js.hs-scripts.com (type 1) NXDOMAIN | ||
| 1599 | .br | ||
| 1600 | 11:31:45 9.9.9.9 www.linux.com (type 1) | ||
| 1601 | .br | ||
| 1602 | 11:31:45 9.9.9.9 fonts.googleapis.com (type 1) NXDOMAIN | ||
| 1603 | .br | ||
| 1604 | 11:31:52 9.9.9.9 js.hs-scripts.com (type 1) NXDOMAIN | ||
| 1605 | .br | ||
| 1606 | 11:32:05 9.9.9.9 secure.gravatar.com (type 1) | ||
| 1607 | .br | ||
| 1608 | 11:32:06 9.9.9.9 secure.gravatar.com (type 1) | ||
| 1609 | .br | ||
| 1610 | 11:32:08 9.9.9.9 taikai.network (type 1) | ||
| 1611 | .br | ||
| 1612 | 11:32:08 9.9.9.9 cdn.jsdelivr.net (type 1) | ||
| 1613 | .br | ||
| 1614 | 11:32:08 9.9.9.9 taikai.azureedge.net (type 1) | ||
| 1615 | .br | ||
| 1616 | 11:32:08 9.9.9.9 www.youtube.com (type 1) | ||
| 1617 | .br | ||
| 1618 | .TP | ||
| 1619 | \fB\-\-nettrace-sni[=name|pid] | ||
| 1620 | Monitor Server Name Indication (TLS/SNI). The sandbox can be specified by name or pid. Only networked sandboxes | ||
| 1621 | created with \-\-net are supported. This option is only available when running the sandbox as root. | ||
| 1622 | .br | ||
| 1623 | |||
| 1624 | .br | ||
| 1625 | Without a name/pid, Firejail will monitor the main system network namespace. | ||
| 1626 | .br | ||
| 1627 | |||
| 1628 | .br | ||
| 1629 | $ sudo firejail --nettrace-sni=browser | ||
| 1630 | .br | ||
| 1631 | 07:49:51 23.185.0.3 linux.com | ||
| 1632 | .br | ||
| 1633 | 07:49:51 23.185.0.3 www.linux.com | ||
| 1634 | .br | ||
| 1635 | 07:50:05 192.0.73.2 secure.gravatar.com | ||
| 1636 | .br | ||
| 1637 | 07:52:35 172.67.68.93 www.howtoforge.com | ||
| 1638 | .br | ||
| 1639 | 07:52:37 13.225.103.59 sf.ezoiccdn.com | ||
| 1640 | .br | ||
| 1641 | 07:52:42 142.250.176.3 www.gstatic.com | ||
| 1642 | .br | ||
| 1643 | 07:53:03 173.236.250.32 www.linuxlinks.com | ||
| 1644 | .br | ||
| 1645 | 07:53:05 192.0.77.37 c0.wp.com | ||
| 1646 | .br | ||
| 1647 | 07:53:08 192.0.78.32 jetpack.wordpress.com | ||
| 1648 | .br | ||
| 1649 | 07:53:09 192.0.77.32 s0.wp.com | ||
| 1650 | .br | ||
| 1651 | 07:53:09 192.0.77.2 i0.wp.com | ||
| 1652 | .br | ||
| 1653 | 07:53:10 192.0.77.2 i0.wp.com | ||
| 1654 | .br | ||
| 1655 | 07:53:11 192.0.73.2 1.gravatar.com | ||
| 1656 | .br | ||
| 1583 | #endif | 1657 | #endif |
| 1584 | .TP | 1658 | .TP |
| 1585 | \fB\-\-nice=value | 1659 | \fB\-\-nice=value |