diff options
author | netblue30 <netblue30@yahoo.com> | 2017-11-18 08:39:02 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-11-18 08:39:02 -0500 |
commit | ead4ec3089b97eda1b438da248caf76f169345ad (patch) | |
tree | 31bc22bcba4e6530b5f0daba3f332702efa7a4b9 /src/man | |
parent | Consistent home directory nomenclature (diff) | |
download | firejail-ead4ec3089b97eda1b438da248caf76f169345ad.tar.gz firejail-ead4ec3089b97eda1b438da248caf76f169345ad.tar.zst firejail-ead4ec3089b97eda1b438da248caf76f169345ad.zip |
netfilter template support
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/firejail.txt | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index bf27c07ad..d9000fd5e 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -937,13 +937,32 @@ is a desktop client firewall that disable access to local network. Example: | |||
937 | $ firejail --netfilter=/etc/firejail/nolocal.net \\ | 937 | $ firejail --netfilter=/etc/firejail/nolocal.net \\ |
938 | .br | 938 | .br |
939 | --net=eth0 firefox | 939 | --net=eth0 firefox |
940 | |||
941 | |||
942 | |||
943 | |||
944 | .TP | ||
945 | \fB\-\-netfilter=filename,arg1,arg2,arg3 ... | ||
946 | This is the template version of the previous command. $ARG1, $ARG2, $ARG3 ... in the firewall script | ||
947 | are replaced with arg1, arg2, arg3 ... passed on the command line. Up to 16 arguments are supported. | ||
948 | Example: | ||
949 | .br | ||
950 | |||
951 | .br | ||
952 | $ firejail --net=eth0 --ip=192.168.1.105 \\ | ||
953 | .br | ||
954 | --netfilter=/etc/firejail/tcpserver.net,5001 server-program | ||
955 | .br | ||
956 | |||
957 | |||
958 | |||
940 | .TP | 959 | .TP |
941 | \fB\-\-netfilter.print=name|pid | 960 | \fB\-\-netfilter.print=name|pid |
942 | Print the firewall installed in the sandbox specified by name or PID. Example: | 961 | Print the firewall installed in the sandbox specified by name or PID. Example: |
943 | .br | 962 | .br |
944 | 963 | ||
945 | .br | 964 | .br |
946 | $ firejail --net=browser --net=eth0 --netfilter firefox & | 965 | $ firejail --name=browser --net=eth0 --netfilter firefox & |
947 | .br | 966 | .br |
948 | $ firejail --netfilter.print=browser | 967 | $ firejail --netfilter.print=browser |
949 | 968 | ||
@@ -959,7 +978,7 @@ Print the IPv6 firewall installed in the sandbox specified by name or PID. Examp | |||
959 | .br | 978 | .br |
960 | 979 | ||
961 | .br | 980 | .br |
962 | $ firejail --net=browser --net=eth0 --netfilter firefox & | 981 | $ firejail --name=browser --net=eth0 --netfilter firefox & |
963 | .br | 982 | .br |
964 | $ firejail --netfilter6.print=browser | 983 | $ firejail --netfilter6.print=browser |
965 | 984 | ||