Tobias/No-Internet.Group
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
tobias
2026-03-08 20:37:45 +00:00
parent 77b00bed2e
commit e3a672fd01
1 changed files with 25 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
README.md
View File

@@ -1,3 +1,27 @@
# No-Internet Group
## Description
Simple methodology to prevent certain Linux desktop programs having access to the public Internet via systemd and iptables
Simple methodology to prevent specified Linux desktop programs having access to the public Internet via iptables
## Getting Started
### Dependencies
*iptables
*systemd or cron
*sg
### Creating the Group
First we will create the controlled access group through which programs will be denied public network access
```
groupadd no-internet
```
### Creating the Systemd Service
Note: a similar effect could be achived via crontab by making an entry along the lines of
```
@reboot root iptables -I OUTPUT 1 -m owner --gid-owner "no-internet" -j DROP
```
### Modifying .desktop entries
### Limitations
As iptables operates at layer 3 programs ran through this sandboxed group will still be able to reach devices within the same broadcast domain