1 files changed, 32 insertions, 8 deletions
diff --git a/README.md b/README.md
index fcf92f56a..d4e83f927 100644
--- a/README.md
+++ b/README.md
@@ -283,6 +283,25 @@ INTRUSION DETECTION SYSTEM (IDS)
 `````
+### File descriptors
+`````
+       --keep-fd=all
+              Inherit all open file descriptors to  the  sandbox.  By  default
+              only  file  descriptors 0, 1 and 2 are inherited to the sandbox,
+              and all other file descriptors are closed.
+              Example:
+              $ firejail --keep-fd=all
+       --keep-fd=file_descriptor
+              Don't close specified open file  descriptors.  By  default  only
+              file  descriptors  0,  1 and 2 are inherited to the sandbox, and
+              all other file descriptors are closed.
+              Example:
+              $ firejail --keep-fd=3,4,5
+`````
 ### Deteministic Shutdown
 `````
      --deterministic-exit-code
@@ -304,13 +323,17 @@ INTRUSION DETECTION SYSTEM (IDS)
              supported.
              $ firejail --nettrace=browser
-              9.9.9.9:53              =>      192.168.1.60    UDP: 122 B/sec
+                 86 KB/s *********           64.222.84.207:443 United States
-              72.21.91.29:80          =>      192.168.1.60    TCP: 257 B/sec
+                 76 KB/s ********            192.229.210.163:443 MCI
-              80.92.126.65:123        =>      192.168.1.60    UDP: 25 B/sec
+                111 B/s                      9.9.9.9:53 Quad9 DNS
-              69.30.241.50:443        =>      192.168.1.60    TCP: 88 KB/sec
+                 32 KB/s ***                 142.250.179.182:443 Google
-              140.82.112.4:443        =>      192.168.1.60    TCP: 1861 B/sec
+              If  /usr/bin/geoiplookup  is  installed (geoip-bin packet in De‐
-              (14 streams in the last one minute)
+              bian), the country the IP address originates from  is  added  to
+              the trace.  We also use the static IP map in /etc/firejail/host‐
+              names to print the domain names for some of the more common web‐
+              sites  and  cloud platforms.  No external services are contacted
+              for reverse IP lookup.
 `````
@@ -353,4 +376,5 @@ Stats:
 ### New profiles:
 clion-eap, lifeograph, io.github.lainsce.Notejot, rednotebook, zim, microsoft-edge-beta, ncdu2, gallery-dl, yt-dlp, goldendict, bundle,
-cmake, make, meson, pip, codium, telnet, ftp, OpenStego, imv, retroarch, torbrowser, CachyBrowser, notable
+cmake, make, meson, pip, codium, telnet, ftp, OpenStego, imv, retroarch, torbrowser, CachyBrowser, notable, RPCS3, wget2, raincat,
+cointop, 1password

diff --git a/README.md b/README.md index fcf92f56a..d4e83f927 100644 --- a/README.md +++ b/README.md
@@ -283,6 +283,25 @@ INTRUSION DETECTION SYSTEM (IDS)
283		283
284	`````	284	`````
285		285
		286	### File descriptors
		287	`````
		288	--keep-fd=all
		289	Inherit all open file descriptors to the sandbox. By default
		290	only file descriptors 0, 1 and 2 are inherited to the sandbox,
		291	and all other file descriptors are closed.
		292
		293	Example:
		294	$ firejail --keep-fd=all
		295
		296	--keep-fd=file_descriptor
		297	Don't close specified open file descriptors. By default only
		298	file descriptors 0, 1 and 2 are inherited to the sandbox, and
		299	all other file descriptors are closed.
		300
		301	Example:
		302	$ firejail --keep-fd=3,4,5
		303	`````
		304
286	### Deteministic Shutdown	305	### Deteministic Shutdown
287	`````	306	`````
288	--deterministic-exit-code	307	--deterministic-exit-code
@@ -304,13 +323,17 @@ INTRUSION DETECTION SYSTEM (IDS)
304	supported.	323	supported.
305		324
306	$ firejail --nettrace=browser	325	$ firejail --nettrace=browser
307	9.9.9.9:53 => 192.168.1.60 UDP: 122 B/sec	326	86 KB/s ********* 64.222.84.207:443 United States
308	72.21.91.29:80 => 192.168.1.60 TCP: 257 B/sec	327	76 KB/s ******** 192.229.210.163:443 MCI
309	80.92.126.65:123 => 192.168.1.60 UDP: 25 B/sec	328	111 B/s 9.9.9.9:53 Quad9 DNS
310	69.30.241.50:443 => 192.168.1.60 TCP: 88 KB/sec	329	32 KB/s *** 142.250.179.182:443 Google
311	140.82.112.4:443 => 192.168.1.60 TCP: 1861 B/sec	330
312		331	If /usr/bin/geoiplookup is installed (geoip-bin packet in De‐
313	(14 streams in the last one minute)	332	bian), the country the IP address originates from is added to
		333	the trace. We also use the static IP map in /etc/firejail/host‐
		334	names to print the domain names for some of the more common web‐
		335	sites and cloud platforms. No external services are contacted
		336	for reverse IP lookup.
314		337
315	`````	338	`````
316		339
@@ -353,4 +376,5 @@ Stats:
353	### New profiles:	376	### New profiles:
354		377
355	clion-eap, lifeograph, io.github.lainsce.Notejot, rednotebook, zim, microsoft-edge-beta, ncdu2, gallery-dl, yt-dlp, goldendict, bundle,	378	clion-eap, lifeograph, io.github.lainsce.Notejot, rednotebook, zim, microsoft-edge-beta, ncdu2, gallery-dl, yt-dlp, goldendict, bundle,
356	cmake, make, meson, pip, codium, telnet, ftp, OpenStego, imv, retroarch, torbrowser, CachyBrowser, notable	379	cmake, make, meson, pip, codium, telnet, ftp, OpenStego, imv, retroarch, torbrowser, CachyBrowser, notable, RPCS3, wget2, raincat,
		380	cointop, 1password