LinuxQuestions.org

Thread URL: https://www.linuxquestions.org/questions/4mlinux-115/now-to-block-all-in-out-traffic-except-for-palemoon-4175699669/

4ML220 08-25-2021 07:04 AM

How to block all in/out traffic? (except for Palemoon)
 
Could you help me please with the settings of 4MLinux 37 x64 - how can I block all in/out traffic for LAN, WLAN, Bluetooth, except for Palemoon?
Thank you.

ferrari 08-26-2021 03:02 PM

A couple of suggestions from me (not complete solutions)...

1) It is possible to construct an iptables rule to drop all traffic apart from a given group (gid) such that palemoon could still access the internet. For example, create the group "internet-group" and iptables similar to the following...
Code:

# default policy: drop everything that no later rule explicitly accepts
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# let replies to connections we opened ourselves back in
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# only processes running under group internet-group may send packets out
# (iptables has no ALLOW target; the accepting target is ACCEPT)
iptables -A OUTPUT -m owner --gid-owner internet-group -j ACCEPT

You would need to execute palemoon with the sg command (or make a desktop shortcut)...
Code:

sg internet-group palemoon

2) Not application-specific, but just block all traffic except for web-traffic. For example...
Code:

# default policy: drop everything that no later rule explicitly accepts
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# let replies to connections we opened ourselves back in
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# outbound packets of already-open connections (without this only the first
# SYN of each connection would leave, the rest would hit the DROP policy)
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# new outbound connections: HTTP and HTTPS only
# (note: DNS on port 53 is not allowed here, so name lookups will fail)
iptables -A OUTPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
iptables -A OUTPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT

3) Have a look at using OpenSnitch (application-level firewall) in addition to your kernel-based firewall...

https://linuxsecurity.expert/tools/opensnitch/
https://itsfoss.com/opensnitch-firewall-linux/
https://www.linuxuprising.com/2018/0...plication.html
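The following script is an added example and is not code from the thread or from ferrari; it builds the per-group egress policy from suggestion 1 as a reviewable ruleset and adds the pieces a practitioner usually also wants: loopback, established/related traffic in both directions, a mirrored ip6tables ruleset (without it the policy is simply bypassed over IPv6), and a rate-limited LOG rule so connections from other programs that get dropped are visible in the kernel log instead of failing silently. The group name internet-group comes from the thread; the function names, the --apply flag and the log prefix are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread). Builds an iptables/ip6tables policy
# that lets only processes running under one group open outbound
# connections; everything else is logged and dropped.

# Print the firewall commands for group $1 instead of running them, so the
# ruleset can be reviewed or diffed before it is applied. One copy is
# emitted per tool: iptables (IPv4) and ip6tables (IPv6).
build_rules() {
    grp="$1"
    for ipt in iptables ip6tables; do
        cat <<EOF
$ipt -F
$ipt -P INPUT DROP
$ipt -P OUTPUT DROP
$ipt -P FORWARD DROP
# loopback: X11, local resolvers and the like need it
$ipt -A INPUT -i lo -j ACCEPT
$ipt -A OUTPUT -o lo -j ACCEPT
# packets belonging to connections that were already accepted
$ipt -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
$ipt -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# only processes whose group is $grp may start new connections
$ipt -A OUTPUT -m owner --gid-owner $grp -m conntrack --ctstate NEW -j ACCEPT
# anything else: log it (rate-limited) so blocked programs show up in dmesg
$ipt -A OUTPUT -m limit --limit 5/min -j LOG --log-prefix "EGRESS-DROP: "
$ipt -A OUTPUT -j DROP
EOF
    done
}

# Feed the generated commands to a shell; needs root.
apply_rules() {
    build_rules "$1" | sh
}

# usage (as root):  sh egress.sh --apply internet-group
# without --apply the script only defines the functions above.
if [ "${1:-}" = "--apply" ] && [ -n "${2:-}" ]; then
    apply_rules "$2"
fi
```

Run `build_rules internet-group` first and read the output; then start the browser with `sg internet-group palemoon` as ferrari shows. The owner match is evaluated on the NEW packet only, and the conntrack rules carry the rest of that connection, so the browser keeps working while other programs' connection attempts appear as EGRESS-DROP lines in the kernel log. Two limits to keep in mind: with the IPv6 copy as written, neighbour discovery (ICMPv6) is dropped too, so IPv6 is effectively disabled rather than filtered, which is acceptable for "block everything" but needs extra ICMPv6 rules if IPv6 connectivity is wanted; and iptables only sees IP traffic, so Bluetooth links that do not carry IP are outside its reach and have to be disabled at the radio level instead.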

