diff options
author | Kristóf Marussy <kris7topher@gmail.com> | 2020-01-27 21:41:46 +0100 |
---|---|---|
committer | Kristóf Marussy <kris7topher@gmail.com> | 2020-01-27 22:09:50 +0100 |
commit | 649bcd4bfbd7b24ec95873e97e3b5270d84ec374 (patch) | |
tree | e40147e73cb1a456d99125b9a3cc317e9400945a /src | |
parent | Fix unsigned comparison error (#3174) (diff) | |
download | firejail-649bcd4bfbd7b24ec95873e97e3b5270d84ec374.tar.gz firejail-649bcd4bfbd7b24ec95873e97e3b5270d84ec374.tar.zst firejail-649bcd4bfbd7b24ec95873e97e3b5270d84ec374.zip |
Documentation for DHCP support
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/usage.c | 2 | ||||
-rw-r--r-- | src/man/firejail-profile.txt | 53 | ||||
-rw-r--r-- | src/man/firejail.txt | 49 |
3 files changed, 104 insertions, 0 deletions
diff --git a/src/firejail/usage.c b/src/firejail/usage.c index c8dc39a04..52d4f7c03 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c | |||
@@ -82,7 +82,9 @@ static char *usage_str = | |||
82 | " --interface=name - move interface in sandbox.\n" | 82 | " --interface=name - move interface in sandbox.\n" |
83 | " --ip=address - set interface IP address.\n" | 83 | " --ip=address - set interface IP address.\n" |
84 | " --ip=none - no IP address and no default gateway are configured.\n" | 84 | " --ip=none - no IP address and no default gateway are configured.\n" |
85 | " --ip=dhcp - acquire IP address by running dhclient.\n" | ||
85 | " --ip6=address - set interface IPv6 address.\n" | 86 | " --ip6=address - set interface IPv6 address.\n" |
87 | " --ip6=dhcp - acquire IPv6 address by running dhclient.\n" | ||
86 | " --iprange=address,address - configure an IP address in this range.\n" | 88 | " --iprange=address,address - configure an IP address in this range.\n" |
87 | #endif | 89 | #endif |
88 | " --ipc-namespace - enable a new IPC namespace.\n" | 90 | " --ipc-namespace - enable a new IPC namespace.\n" |
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 719a80c2c..84aed41a4 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -582,6 +582,33 @@ net eth0 | |||
582 | ip none | 582 | ip none |
583 | 583 | ||
584 | .TP | 584 | .TP |
585 | \fBip dhcp | ||
586 | Acquire an IP address and default gateway for the last interface defined by a | ||
587 | net command, as well as set the DNS servers according to the DHCP response. | ||
588 | This command requires the ISC dhclient DHCP client to be installed and will start | ||
589 | it automatically inside the sandbox. | ||
590 | .br | ||
591 | |||
592 | .br | ||
593 | Example: | ||
594 | .br | ||
595 | net br0 | ||
596 | .br | ||
597 | ip dhcp | ||
598 | .br | ||
599 | |||
600 | .br | ||
601 | This command should not be used in conjunction with the dns command if the | ||
602 | DHCP server is set to configure DNS servers for the clients, because the | ||
603 | manually specified DNS servers will be overwritten. | ||
604 | |||
605 | .br | ||
606 | The DHCP client will NOT release the DHCP lease when the sandbox terminates. | ||
607 | If your DHCP server requires leases to be explicitly released, consider running | ||
608 | a DHCP client and releasing the lease manually in conjunction with the | ||
609 | net none command. | ||
610 | |||
611 | .TP | ||
585 | \fBip6 address | 612 | \fBip6 address |
586 | Assign IPv6 addresses to the last network interface defined by a net command. | 613 | Assign IPv6 addresses to the last network interface defined by a net command. |
587 | .br | 614 | .br |
@@ -594,6 +621,32 @@ net eth0 | |||
594 | ip6 2001:0db8:0:f101::1/64 | 621 | ip6 2001:0db8:0:f101::1/64 |
595 | 622 | ||
596 | .TP | 623 | .TP |
624 | \fBip6 dhcp | ||
625 | Acquire an IPv6 address and default gateway for the last interface defined by a | ||
626 | net command, as well as set the DNS servers according to the DHCP response. | ||
627 | This command requires the ISC dhclient DHCP client to be installed and will start | ||
628 | it automatically inside the sandbox. | ||
629 | .br | ||
630 | |||
631 | .br | ||
632 | Example: | ||
633 | .br | ||
634 | net br0 | ||
635 | .br | ||
636 | ip6 dhcp | ||
637 | .br | ||
638 | |||
639 | .br | ||
640 | This command should not be used in conjunction with the dns command if the | ||
641 | DHCP server is set to configure DNS servers for the clients, because the | ||
642 | manually specified DNS servers will be overwritten. | ||
643 | |||
644 | .br | ||
645 | The DHCP client will NOT release the DHCP lease when the sandbox terminates. | ||
646 | If your DHCP server requires leases to be explicitly released, consider running | ||
647 | a DHCP client and releasing the lease manually. | ||
648 | |||
649 | .TP | ||
597 | \fBiprange address,address | 650 | \fBiprange address,address |
598 | Assign an IP address in the provided range to the last network | 651 | Assign an IP address in the provided range to the last network |
599 | interface defined by a net command. A default gateway is assigned by default. | 652 | interface defined by a net command. A default gateway is assigned by default. |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index e5abcdcf5..4b1134686 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -567,6 +567,31 @@ If the corresponding interface doesn't have an IP address configured, this | |||
567 | option is enabled by default. | 567 | option is enabled by default. |
568 | 568 | ||
569 | .TP | 569 | .TP |
570 | \fB\-\-ip=dhcp | ||
571 | Acquire an IP address and default gateway for the last interface defined by a | ||
572 | \-\-net option, as well as set the DNS servers according to the DHCP response. | ||
573 | This option requires the ISC dhclient DHCP client to be installed and will start | ||
574 | it automatically inside the sandbox. | ||
575 | .br | ||
576 | |||
577 | .br | ||
578 | Example: | ||
579 | .br | ||
580 | $ firejail \-\-net=br0 \-\-ip=dhcp | ||
581 | .br | ||
582 | |||
583 | .br | ||
584 | This option should not be used in conjunction with the \-\-dns option if the | ||
585 | DHCP server is set to configure DNS servers for the clients, because the | ||
586 | manually specified DNS servers will be overwritten. | ||
587 | |||
588 | .br | ||
589 | The DHCP client will NOT release the DHCP lease when the sandbox terminates. | ||
590 | If your DHCP server requires leases to be explicitly released, consider running | ||
591 | a DHCP client and releasing the lease manually in conjunction with the | ||
592 | \-\-net=none option. | ||
593 | |||
594 | .TP | ||
570 | \fB\-\-ip6=address | 595 | \fB\-\-ip6=address |
571 | Assign IPv6 addresses to the last network interface defined by a \-\-net option. | 596 | Assign IPv6 addresses to the last network interface defined by a \-\-net option. |
572 | .br | 597 | .br |
@@ -579,6 +604,30 @@ $ firejail \-\-net=eth0 \-\-ip6=2001:0db8:0:f101::1/64 firefox | |||
579 | Note: you don't need this option if you obtain your ip6 address from router via SLAAC (your ip6 address and default route will be configured by kernel automatically). | 604 | Note: you don't need this option if you obtain your ip6 address from router via SLAAC (your ip6 address and default route will be configured by kernel automatically). |
580 | 605 | ||
581 | .TP | 606 | .TP |
607 | \fB\-\-ip6=dhcp | ||
608 | Acquire an IPv6 address and default gateway for the last interface defined by a | ||
609 | \-\-net option, as well as set the DNS servers according to the DHCP response. | ||
610 | This option requires the ISC dhclient DHCP client to be installed and will start | ||
611 | it automatically inside the sandbox. | ||
612 | .br | ||
613 | |||
614 | .br | ||
615 | Example: | ||
616 | .br | ||
617 | $ firejail \-\-net=br0 \-\-ip6=dhcp | ||
618 | .br | ||
619 | |||
620 | .br | ||
621 | This option should not be used in conjunction with the \-\-dns option if the | ||
622 | DHCP server is set to configure DNS servers for the clients, because the | ||
623 | manually specified DNS servers will be overwritten. | ||
624 | |||
625 | .br | ||
626 | The DHCP client will NOT release the DHCP lease when the sandbox terminates. | ||
627 | If your DHCP server requires leases to be explicitly released, consider running | ||
628 | a DHCP client and releasing the lease manually. | ||
629 | |||
630 | .TP | ||
582 | \fB\-\-iprange=address,address | 631 | \fB\-\-iprange=address,address |
583 | Assign an IP address in the provided range to the last network interface defined by a \-\-net option. A | 632 | Assign an IP address in the provided range to the last network interface defined by a \-\-net option. A |
584 | default gateway is assigned by default. | 633 | default gateway is assigned by default. |