diff options
author | netblue30 <netblue30@protonmail.com> | 2022-10-24 08:35:01 -0400 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2022-10-24 08:35:01 -0400 |
commit | 729b1251cd1783a0bc72a96ebc5aba455ccb375f (patch) | |
tree | 4abb82b3883dc4d1ce5261815f7e53fd8bc4cc3c /src/man | |
parent | Merge pull request #5431 from netblue30/musl_warnings (diff) | |
download | firejail-729b1251cd1783a0bc72a96ebc5aba455ccb375f.tar.gz firejail-729b1251cd1783a0bc72a96ebc5aba455ccb375f.tar.zst firejail-729b1251cd1783a0bc72a96ebc5aba455ccb375f.zip |
--icmptrace
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/firejail.txt | 40 |
1 files changed, 37 insertions, 3 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index a7e418981..b4be1cd62 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -791,7 +791,9 @@ Without a name/pid, Firejail will monitor the main system network namespace. | |||
791 | .br | 791 | .br |
792 | 792 | ||
793 | .br | 793 | .br |
794 | $ sudo firejail --dnstrace=browser | 794 | Example: |
795 | .br | ||
796 | $ sudo firejail --dnstrace | ||
795 | .br | 797 | .br |
796 | 11:31:43 9.9.9.9 linux.com (type 1) | 798 | 11:31:43 9.9.9.9 linux.com (type 1) |
797 | .br | 799 | .br |
@@ -917,6 +919,34 @@ $ firejail --ignore=seccomp --ignore=caps firefox | |||
917 | $ firejail \-\-ignore="net eth0" firefox | 919 | $ firejail \-\-ignore="net eth0" firefox |
918 | #endif | 920 | #endif |
919 | 921 | ||
922 | #ifdef HAVE_NETWORK | ||
923 | .TP | ||
924 | \fB\-\-icmptrace[=name|pid] | ||
925 | Monitor ICMP traffic. The sandbox can be specified by name or pid. Only networked sandboxes | ||
926 | created with \-\-net are supported. This option is only available when running the sandbox as root. | ||
927 | .br | ||
928 | |||
929 | .br | ||
930 | Without a name/pid, Firejail will monitor the main system network namespace. | ||
931 | .br | ||
932 | |||
933 | .br | ||
934 | Example | ||
935 | .br | ||
936 | $ sudo firejail --icmptrace | ||
937 | .br | ||
938 | 20:53:54 192.168.1.60 -> 142.250.65.174 - 98 bytes - Echo request/0 | ||
939 | .br | ||
940 | 20:53:54 142.250.65.174 -> 192.168.1.60 - 98 bytes - Echo reply/0 | ||
941 | .br | ||
942 | 20:53:55 192.168.1.60 -> 142.250.65.174 - 98 bytes - Echo request/0 | ||
943 | .br | ||
944 | 20:53:55 142.250.65.174 -> 192.168.1.60 - 98 bytes - Echo reply/0 | ||
945 | .br | ||
946 | 20:53:55 192.168.1.60 -> 1.1.1.1 - 154 bytes - Destination unreachable/Port unreachable | ||
947 | .br | ||
948 | #endif | ||
949 | |||
920 | .TP | 950 | .TP |
921 | \fB\-\-\include=file.profile | 951 | \fB\-\-\include=file.profile |
922 | Include a profile file before the regular profiles are used. | 952 | Include a profile file before the regular profiles are used. |
@@ -1597,7 +1627,9 @@ Without a name/pid, Firejail will monitor the main system network namespace. | |||
1597 | .br | 1627 | .br |
1598 | 1628 | ||
1599 | .br | 1629 | .br |
1600 | $ sudo firejail --nettrace=browser | 1630 | Example: |
1631 | .br | ||
1632 | $ sudo firejail --nettrace | ||
1601 | .br | 1633 | .br |
1602 | 95 KB/s geoip 457, IP database 4436 | 1634 | 95 KB/s geoip 457, IP database 4436 |
1603 | .br | 1635 | .br |
@@ -2791,7 +2823,9 @@ Without a name/pid, Firejail will monitor the main system network namespace. | |||
2791 | .br | 2823 | .br |
2792 | 2824 | ||
2793 | .br | 2825 | .br |
2794 | $ sudo firejail --snitrace=browser | 2826 | Example: |
2827 | .br | ||
2828 | $ sudo firejail --snitrace | ||
2795 | .br | 2829 | .br |
2796 | 07:49:51 23.185.0.3 linux.com | 2830 | 07:49:51 23.185.0.3 linux.com |
2797 | .br | 2831 | .br |