nettrace

2026-05-15 14:16:14 -06:00 · 2021-12-28 12:19:44 -05:00 · 2021-12-28 12:19:44 -05:00 · e9843593cb
commit e9843593cb
parent 54b28a0b63
5 changed files with 44 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -43,6 +43,7 @@ src/profstats/profstats
 src/bash_completion/firejail.bash_completion
 src/zsh_completion/_firejail
 src/jailcheck/jailcheck
+src/fnettrace/fnettrace
 uids.h
 seccomp
 seccomp.debug
--- a/README.md
+++ b/README.md
@ -296,6 +296,24 @@ INTRUSION DETECTION SYSTEM (IDS)
              as it contains running processes.
 `````

+### Network Monitor
+`````
+       --nettrace=name|pid
+              Monitor TCP and UDP traffic coming into the sandbox specified by
+              name or pid. Only networked sandboxes  created  with  --net  are
+              supported.
+
+              $ firejail --nettrace=browser
+              9.9.9.9:53              =>      192.168.1.60    UDP: 122 B/sec
+              72.21.91.29:80          =>      192.168.1.60    TCP: 257 B/sec
+              80.92.126.65:123        =>      192.168.1.60    UDP: 25 B/sec
+              69.30.241.50:443        =>      192.168.1.60    TCP: 88 KB/sec
+              140.82.112.4:443        =>      192.168.1.60    TCP: 1861 B/sec
+
+              (14 streams in the last one minute)
+
+`````
+
 ### Profile Statistics

 A small tool to print profile statistics. Compile and install as usual. The tool is installed in /usr/lib/firejail directory.
--- a/1
+++ b/1
@ -5,6 +5,7 @@ firejail (0.9.67) baseline; urgency=low
  * deterministic shutdown (--deterministic-exit-code,
     --deterministic-shutdown) (#4635)
  * noprinters command (#4607)
+  * network monitor (--nettrace)
  * build: firecfg.config is now installed to /etc/firejail/ (#4669)
  * removed --disable-whitelist at compile time
  * removed whitelist=yes/no in /etc/firejail/firejail.config
--- a/src/firejail/usage.c
+++ b/src/firejail/usage.c
@ -150,6 +150,7 @@ static char *usage_str =
 	"\tparent interfaces.\n"
 	"    --netns=name - Run the program in a named, persistent network namespace.\n"
 	"    --netstats - monitor network statistics.\n"
+	"    --nettrace - monitor TCP and UDP traffic coming into the sandbox.\n"
 #endif
 	"    --nice=value - set nice value.\n"
 	"    --no3d - disable 3D hardware acceleration.\n"
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@ -1479,6 +1479,29 @@ PID  User    RX(KB/s) TX(KB/s) Command
 1294 netblue 53.355   1.473    firejail \-\-net=eth0 firefox
 .br
 7383 netblue 9.045    0.112    firejail \-\-net=eth0 transmission
+.TP
+\fB\-\-nettrace=name|pid
+Monitor TCP and UDP traffic coming into the sandbox specified by name or pid. Only networked sandboxes
+created with \-\-net are supported.
+.br
+
+.br
+$ firejail --nettrace=browser
+.br
+9.9.9.9:53              =>      192.168.1.60    UDP: 122 B/sec
+.br
+72.21.91.29:80          =>      192.168.1.60    TCP: 257 B/sec
+.br
+80.92.126.65:123        =>      192.168.1.60    UDP: 25 B/sec
+.br
+69.30.241.50:443        =>      192.168.1.60    TCP: 88 KB/sec
+.br
+140.82.112.4:443        =>      192.168.1.60    TCP: 1861 B/sec
+.br
+
+.br
+(14 streams in the last one minute)
+
 #endif
 .TP
 \fB\-\-nice=value