diff options
Diffstat (limited to 'src/firejail/netfilter.c')
| -rw-r--r-- | src/firejail/netfilter.c | 8 |
1 files changed, 2 insertions, 6 deletions
diff --git a/src/firejail/netfilter.c b/src/firejail/netfilter.c index 686efb6cb..aab03c796 100644 --- a/src/firejail/netfilter.c +++ b/src/firejail/netfilter.c | |||
| @@ -91,24 +91,20 @@ void netfilter_netlock(pid_t pid) { | |||
| 91 | // it will never get here!! | 91 | // it will never get here!! |
| 92 | } | 92 | } |
| 93 | 93 | ||
| 94 | void netfilter_trace(pid_t pid) { | 94 | void netfilter_trace(pid_t pid, const char *cmd) { |
| 95 | EUID_ASSERT(); | 95 | EUID_ASSERT(); |
| 96 | 96 | ||
| 97 | // a pid of 0 means the main system network namespace | 97 | // a pid of 0 means the main system network namespace |
| 98 | if (pid) | 98 | if (pid) |
| 99 | enter_network_namespace(pid); | 99 | enter_network_namespace(pid); |
| 100 | 100 | ||
| 101 | char *cmd; | ||
| 102 | if (asprintf(&cmd, "%s/firejail/fnettrace", LIBDIR) == -1) | ||
| 103 | errExit("asprintf"); | ||
| 104 | |||
| 105 | //************************ | 101 | //************************ |
| 106 | // build command | 102 | // build command |
| 107 | //************************ | 103 | //************************ |
| 108 | char *arg[4]; | 104 | char *arg[4]; |
| 109 | arg[0] = "/bin/sh"; | 105 | arg[0] = "/bin/sh"; |
| 110 | arg[1] = "-c"; | 106 | arg[1] = "-c"; |
| 111 | arg[2] = cmd; | 107 | arg[2] = (char *) cmd; |
| 112 | arg[3] = NULL; | 108 | arg[3] = NULL; |
| 113 | 109 | ||
| 114 | clearenv(); | 110 | clearenv(); |