2026-03-08 20:37:45 +00:00

No-Internet Group

Description

A simple method that uses iptables to prevent specified Linux desktop programs from accessing the public Internet.

Getting Started

Dependencies

* iptables
* systemd or cron
* sg

Creating the Group

First, we will create the controlled-access group; programs run through it will be denied public network access.

groupadd no-internet

Creating the Systemd Service

Note: a similar effect could be achieved via crontab by making an entry along the lines of:

@reboot  root  iptables -I OUTPUT 1 -m owner --gid-owner "no-internet" -j DROP
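
The rule above as an idempotent script that a boot-time service or the cron entry could call, so that a restart does not stack duplicate rules. This is an added example, not part of this project's README; the function names are hypothetical, and the ip6tables pass is an addition made here because iptables filters IPv4 only.

```shell
#!/bin/sh
# Added example: idempotent install of the no-internet DROP rule.
# GROUP matches the group created above; function names are hypothetical.
GROUP="no-internet"

# rule_present CMD: succeeds if CMD's OUTPUT chain already holds the rule.
rule_present() {
    "$1" -C OUTPUT -m owner --gid-owner "$GROUP" -j DROP 2>/dev/null
}

# ensure_rule CMD: insert the rule at position 1 unless it already exists.
# Prints "present" or "inserted"; returns non-zero if the insert fails.
ensure_rule() {
    if rule_present "$1"; then
        echo "present"
        return 0
    fi
    "$1" -I OUTPUT 1 -m owner --gid-owner "$GROUP" -j DROP || return 1
    echo "inserted"
}

# apply_all: cover IPv4 and IPv6. iptables only filters IPv4, so without
# the ip6tables rule the group would keep IPv6 connectivity (assumption of
# this example: ip6tables is installed alongside iptables).
apply_all() {
    getent group "$GROUP" >/dev/null || { echo "group $GROUP missing" >&2; return 2; }
    for cmd in iptables ip6tables; do
        ensure_rule "$cmd" >/dev/null || { echo "$cmd: insert failed" >&2; return 1; }
    done
}

# Only touch the firewall when called as: script.sh apply   (needs root)
if [ "${1:-}" = "apply" ]; then
    apply_all
fi
```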

Modifying .desktop entries

Limitations

As iptables operates at layer 3, programs run through this sandboxed group will still be able to reach devices within the same broadcast domain.
