1 files changed, 44 insertions, 0 deletions
diff --git a/etc/tcpdump.profile b/etc/tcpdump.profile
new file mode 100644
index 000000000..3c46dfdcb
--- /dev/null
+++ b/etc/tcpdump.profile
@@ -0,0 +1,44 @@
+# Firejail profile for tcpdump
+# This file is overwritten after every install/update
+quiet
+# Persistent local customizations
+include tcpdump.local
+# Persistent global definitions
+include globals.local
+noblacklist /sbin
+noblacklist /usr/sbin
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+include whitelist-common.inc
+caps.keep net_raw
+ipc-namespace
+#net tun0
+netfilter
+no3d
+nodvd
+#nogroups
+nonewprivs
+#noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix,inet,inet6,netlink,packet
+seccomp
+disable-mnt
+#private
+#private-bin tcpdump
+private-dev
+private-tmp
+memory-deny-write-execute

diff --git a/etc/tcpdump.profile b/etc/tcpdump.profile new file mode 100644 index 000000000..3c46dfdcb --- /dev/null +++ b/etc/tcpdump.profile
@@ -0,0 +1,44 @@
	1	# Firejail profile for tcpdump
	2	# This file is overwritten after every install/update
	3	quiet
	4	# Persistent local customizations
	5	include tcpdump.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	noblacklist /sbin
	10	noblacklist /usr/sbin
	11
	12	include disable-common.inc
	13	include disable-devel.inc
	14	include disable-exec.inc
	15	include disable-interpreters.inc
	16	include disable-passwdmgr.inc
	17	include disable-programs.inc
	18	include disable-xdg.inc
	19
	20	include whitelist-common.inc
	21
	22	caps.keep net_raw
	23	ipc-namespace
	24	#net tun0
	25	netfilter
	26	no3d
	27	nodvd
	28	#nogroups
	29	nonewprivs
	30	#noroot
	31	nosound
	32	notv
	33	nou2f
	34	novideo
	35	protocol unix,inet,inet6,netlink,packet
	36	seccomp
	37
	38	disable-mnt
	39	#private
	40	#private-bin tcpdump
	41	private-dev
	42	private-tmp
	43
	44	memory-deny-write-execute