diff options
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 40 |
1 files changed, 32 insertions, 8 deletions
@@ -283,6 +283,25 @@ INTRUSION DETECTION SYSTEM (IDS) | |||
283 | 283 | ||
284 | ````` | 284 | ````` |
285 | 285 | ||
286 | ### File descriptors | ||
287 | ````` | ||
288 | --keep-fd=all | ||
289 | Inherit all open file descriptors to the sandbox. By default | ||
290 | only file descriptors 0, 1 and 2 are inherited to the sandbox, | ||
291 | and all other file descriptors are closed. | ||
292 | |||
293 | Example: | ||
294 | $ firejail --keep-fd=all | ||
295 | |||
296 | --keep-fd=file_descriptor | ||
297 | Don't close specified open file descriptors. By default only | ||
298 | file descriptors 0, 1 and 2 are inherited to the sandbox, and | ||
299 | all other file descriptors are closed. | ||
300 | |||
301 | Example: | ||
302 | $ firejail --keep-fd=3,4,5 | ||
303 | ````` | ||
304 | |||
286 | ### Deteministic Shutdown | 305 | ### Deteministic Shutdown |
287 | ````` | 306 | ````` |
288 | --deterministic-exit-code | 307 | --deterministic-exit-code |
@@ -304,13 +323,17 @@ INTRUSION DETECTION SYSTEM (IDS) | |||
304 | supported. | 323 | supported. |
305 | 324 | ||
306 | $ firejail --nettrace=browser | 325 | $ firejail --nettrace=browser |
307 | 9.9.9.9:53 => 192.168.1.60 UDP: 122 B/sec | 326 | 86 KB/s ********* 64.222.84.207:443 United States |
308 | 72.21.91.29:80 => 192.168.1.60 TCP: 257 B/sec | 327 | 76 KB/s ******** 192.229.210.163:443 MCI |
309 | 80.92.126.65:123 => 192.168.1.60 UDP: 25 B/sec | 328 | 111 B/s 9.9.9.9:53 Quad9 DNS |
310 | 69.30.241.50:443 => 192.168.1.60 TCP: 88 KB/sec | 329 | 32 KB/s *** 142.250.179.182:443 Google |
311 | 140.82.112.4:443 => 192.168.1.60 TCP: 1861 B/sec | 330 | |
312 | 331 | If /usr/bin/geoiplookup is installed (geoip-bin packet in De‐ | |
313 | (14 streams in the last one minute) | 332 | bian), the country the IP address originates from is added to |
333 | the trace. We also use the static IP map in /etc/firejail/host‐ | ||
334 | names to print the domain names for some of the more common web‐ | ||
335 | sites and cloud platforms. No external services are contacted | ||
336 | for reverse IP lookup. | ||
314 | 337 | ||
315 | ````` | 338 | ````` |
316 | 339 | ||
@@ -353,4 +376,5 @@ Stats: | |||
353 | ### New profiles: | 376 | ### New profiles: |
354 | 377 | ||
355 | clion-eap, lifeograph, io.github.lainsce.Notejot, rednotebook, zim, microsoft-edge-beta, ncdu2, gallery-dl, yt-dlp, goldendict, bundle, | 378 | clion-eap, lifeograph, io.github.lainsce.Notejot, rednotebook, zim, microsoft-edge-beta, ncdu2, gallery-dl, yt-dlp, goldendict, bundle, |
356 | cmake, make, meson, pip, codium, telnet, ftp, OpenStego, imv, retroarch, torbrowser, CachyBrowser, notable | 379 | cmake, make, meson, pip, codium, telnet, ftp, OpenStego, imv, retroarch, torbrowser, CachyBrowser, notable, RPCS3, wget2, raincat, |
380 | cointop, 1password | ||