From e3a672fd0108c599835c6b099d615a7fce34a94d Mon Sep 17 00:00:00 2001 From: tobias Date: Sun, 8 Mar 2026 20:37:45 +0000 Subject: [PATCH] Update README.md --- README.md | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 395136d..0c162ed 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,27 @@ # No-Internet Group + ## Description -Simple methodology to prevent certain Linux desktop programs having access to the public Internet via systemd and iptables \ No newline at end of file +Simple methodology to prevent specified Linux desktop programs having access to the public Internet via iptables + +## Getting Started + +### Dependencies +*iptables +*systemd or cron +*sg + +### Creating the Group +First we will create the controlled access group through which programs will be denied public network access +``` +groupadd no-internet +``` + +### Creating the Systemd Service +Note: a similar effect could be achived via crontab by making an entry along the lines of +``` +@reboot root iptables -I OUTPUT 1 -m owner --gid-owner "no-internet" -j DROP +``` +### Modifying .desktop entries + +### Limitations +As iptables operates at layer 3 programs ran through this sandboxed group will still be able to reach devices within the same broadcast domain \ No newline at end of file
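Review bot: The Limitations paragraph at the end of the hunk does not match the rule given in the cron example. `iptables -I OUTPUT 1 -m owner --gid-owner "no-internet" -j DROP` has no destination or interface match, so it drops all IPv4 output from processes in that group, including traffic to hosts on the local subnet and to loopback. The real gap is IPv6: iptables only filters IPv4, so programs in the group can still send IPv6 traffic unless an equivalent ip6tables rule is added. Please reword Limitations accordingly and add the IPv6 rule next to the IPv4 one. Also, "Creating the Systemd Service" contains only the cron note and "Modifying .desktop entries" is empty, so the README does not yet show the unit file or how a program is started under the group with sg. The `@reboot root iptables ...` entry carries a user field, which is the /etc/crontab or /etc/cron.d format rather than what `crontab -e` accepts, so name the file it belongs in. Minor: the Dependencies items need a space after `*` to render as a list, and "achived" should be "achieved".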