1 files changed, 25 insertions, 3 deletions

diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index b5cb1e7c2..b366fed7c 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -1256,7 +1256,7 @@ $ firejail \-\-net=br0 \-\-net=br1
 .TP
 \fB\-\-net=ethernet_interface|wireless_interface
 Enable a new network namespace and connect it
-to this ethernet interface using the standard Linux macvlan|ipvaln
+to this ethernet interface using the standard Linux macvlan|ipvlan
 driver. Unless specified with option \-\-ip and \-\-defaultgw, an
 IP address and a default gateway will be assigned automatically
 to the sandbox. The IP address is verified using ARP before
@@ -1479,6 +1479,29 @@ PID  User    RX(KB/s) TX(KB/s) Command
 1294 netblue 53.355   1.473    firejail \-\-net=eth0 firefox
 .br
 7383 netblue 9.045    0.112    firejail \-\-net=eth0 transmission
+.TP
+\fB\-\-nettrace=name|pid
+Monitor TCP and UDP traffic coming into the sandbox specified by name or pid. Only networked sandboxes
+created with \-\-net are supported.
+.br
+
+.br
+$ firejail --nettrace=browser
+.br
+9.9.9.9:53              =>      192.168.1.60    UDP: 122 B/sec
+.br
+72.21.91.29:80          =>      192.168.1.60    TCP: 257 B/sec
+.br
+80.92.126.65:123        =>      192.168.1.60    UDP: 25 B/sec
+.br
+69.30.241.50:443        =>      192.168.1.60    TCP: 88 KB/sec
+.br
+140.82.112.4:443        =>      192.168.1.60    TCP: 1861 B/sec
+.br
+
+.br
+(14 streams in the last one minute)
+
 #endif
 .TP
 \fB\-\-nice=value
@@ -1863,7 +1886,6 @@ $ firejail \-\-private-cache openbox
 .TP
 \fB\-\-private-cwd
 Set working directory inside jail to the home directory, and failing that, the root directory.
-.br
 Does not impact working directory of profile include paths.
 .br
 
@@ -1884,7 +1906,7 @@ $ pwd
 .TP
 \fB\-\-private-cwd=directory
 Set working directory inside the jail.
-.br
+Full directory path is required. Symbolic links are not allowed.
 Does not impact working directory of profile include paths.
 .br