Update README.md

README.md

@@ -3,6 +3,22 @@
 ## Description
 Simple minimalistic methodology to prevent specified Linux programs having access to the public Internet via iptables
 
+## Workflow
+
+```
+System applies no-internet iptables rule at boot
+        ↓
+User executes program
+        ↓
+Program is launched via sg with the group "no-internet"
+        ↓
+Newly created process inherits no-internet GID
+        ↓
+iptables matches packets from processes with the no-internet GID
+        ↓
+Outbound packets belonging to the program dropped
+```
+
 ## Getting Started
 
 ### Dependencies