diff options
Diffstat (limited to 'src/man/firejail.txt')
-rw-r--r-- | src/man/firejail.txt | 28 |
1 files changed, 25 insertions, 3 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index b5cb1e7c2..b366fed7c 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -1256,7 +1256,7 @@ $ firejail \-\-net=br0 \-\-net=br1 | |||
1256 | .TP | 1256 | .TP |
1257 | \fB\-\-net=ethernet_interface|wireless_interface | 1257 | \fB\-\-net=ethernet_interface|wireless_interface |
1258 | Enable a new network namespace and connect it | 1258 | Enable a new network namespace and connect it |
1259 | to this ethernet interface using the standard Linux macvlan|ipvaln | 1259 | to this ethernet interface using the standard Linux macvlan|ipvlan |
1260 | driver. Unless specified with option \-\-ip and \-\-defaultgw, an | 1260 | driver. Unless specified with option \-\-ip and \-\-defaultgw, an |
1261 | IP address and a default gateway will be assigned automatically | 1261 | IP address and a default gateway will be assigned automatically |
1262 | to the sandbox. The IP address is verified using ARP before | 1262 | to the sandbox. The IP address is verified using ARP before |
@@ -1479,6 +1479,29 @@ PID User RX(KB/s) TX(KB/s) Command | |||
1479 | 1294 netblue 53.355 1.473 firejail \-\-net=eth0 firefox | 1479 | 1294 netblue 53.355 1.473 firejail \-\-net=eth0 firefox |
1480 | .br | 1480 | .br |
1481 | 7383 netblue 9.045 0.112 firejail \-\-net=eth0 transmission | 1481 | 7383 netblue 9.045 0.112 firejail \-\-net=eth0 transmission |
1482 | .TP | ||
1483 | \fB\-\-nettrace=name|pid | ||
1484 | Monitor TCP and UDP traffic coming into the sandbox specified by name or pid. Only networked sandboxes | ||
1485 | created with \-\-net are supported. | ||
1486 | .br | ||
1487 | |||
1488 | .br | ||
1489 | $ firejail --nettrace=browser | ||
1490 | .br | ||
1491 | 9.9.9.9:53 => 192.168.1.60 UDP: 122 B/sec | ||
1492 | .br | ||
1493 | 72.21.91.29:80 => 192.168.1.60 TCP: 257 B/sec | ||
1494 | .br | ||
1495 | 80.92.126.65:123 => 192.168.1.60 UDP: 25 B/sec | ||
1496 | .br | ||
1497 | 69.30.241.50:443 => 192.168.1.60 TCP: 88 KB/sec | ||
1498 | .br | ||
1499 | 140.82.112.4:443 => 192.168.1.60 TCP: 1861 B/sec | ||
1500 | .br | ||
1501 | |||
1502 | .br | ||
1503 | (14 streams in the last one minute) | ||
1504 | |||
1482 | #endif | 1505 | #endif |
1483 | .TP | 1506 | .TP |
1484 | \fB\-\-nice=value | 1507 | \fB\-\-nice=value |
@@ -1863,7 +1886,6 @@ $ firejail \-\-private-cache openbox | |||
1863 | .TP | 1886 | .TP |
1864 | \fB\-\-private-cwd | 1887 | \fB\-\-private-cwd |
1865 | Set working directory inside jail to the home directory, and failing that, the root directory. | 1888 | Set working directory inside jail to the home directory, and failing that, the root directory. |
1866 | .br | ||
1867 | Does not impact working directory of profile include paths. | 1889 | Does not impact working directory of profile include paths. |
1868 | .br | 1890 | .br |
1869 | 1891 | ||
@@ -1884,7 +1906,7 @@ $ pwd | |||
1884 | .TP | 1906 | .TP |
1885 | \fB\-\-private-cwd=directory | 1907 | \fB\-\-private-cwd=directory |
1886 | Set working directory inside the jail. | 1908 | Set working directory inside the jail. |
1887 | .br | 1909 | Full directory path is required. Symbolic links are not allowed. |
1888 | Does not impact working directory of profile include paths. | 1910 | Does not impact working directory of profile include paths. |
1889 | .br | 1911 | .br |
1890 | 1912 | ||