Tobias/No-Internet.Group
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5 Commits 1 Branch 0 Tags
2bbeda8f16854897b33cb1e45545293b6f2d0268
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
tobias 2bbeda8f16 Update README.md
2026-03-08 20:38:17 +00:00
README.md
Update README.md
2026-03-08 20:38:17 +00:00

README.md

No-Internet Group

Description

Simple methodology to prevent specified Linux desktop programs having access to the public Internet via iptables

Getting Started

Dependencies

*iptables

*systemd or cron

*sg

Creating the Group

First we will create the controlled access group through which programs will be denied public network access

groupadd no-internet

Creating the Systemd Service

Note: a similar effect could be achived via crontab by making an entry along the lines of

@reboot  root  iptables -I OUTPUT 1 -m owner --gid-owner "no-internet" -j DROP

Modifying .desktop entries

Limitations

As iptables operates at layer 3 programs ran through this sandboxed group will still be able to reach devices within the same broadcast domain

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 238 KiB