github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

[GH-ISSUE #108] Support for --net=local #69

New issue
Open
opened 2026-05-05 04:56:33 -06:00 by gitea-mirror · 17 comments
gitea-mirror commented 2026-05-05 04:56:33 -06:00
Owner
Copy link

Originally created by @netblue30 on GitHub (Oct 28, 2015).
Original GitHub issue: https://github.com/netblue30/firejail/issues/108

Currently, --net=none creates a network namespace with only a new loopback interface. Implemente a --net=local option that would create a network namespace with only the existing loopback interface. Reported on wordpress.com

Originally created by @netblue30 on GitHub (Oct 28, 2015). Original GitHub issue: https://github.com/netblue30/firejail/issues/108 Currently, --net=none creates a network namespace with only a new loopback interface. Implemente a --net=local option that would create a network namespace with only the existing loopback interface. Reported on wordpress.com
gitea-mirror added the
enhancement
networking
 labels 2026-05-05 04:56:33 -06:00
gitea-mirror commented 2026-05-05 04:56:36 -06:00
Author
Owner
Copy link

@netblue30 commented on GitHub (Oct 31, 2015):

The problem is an interface cannot belong to more than one network namespace. The feature cannot be implemented without Linux kernel modifications.

<!-- gh-comment-id:152734822 --> @netblue30 commented on GitHub (Oct 31, 2015): The problem is an interface cannot belong to more than one network namespace. The feature cannot be implemented without Linux kernel modifications.
gitea-mirror commented 2026-05-05 04:56:39 -06:00
Author
Owner
Copy link

@pitchforks commented on GitHub (Nov 8, 2015):

Is it possible to have explicit blacklisting of existing network interfaces then? This would achieve the same result if one blacklisted all interfaces except the loopback. Or is this impossible due to same Linux kernel technical restrictions, despite being worded differently?

<!-- gh-comment-id:154828483 --> @pitchforks commented on GitHub (Nov 8, 2015): Is it possible to have explicit blacklisting of existing network interfaces then? This would achieve the same result if one blacklisted all interfaces except the loopback. Or is this impossible due to same Linux kernel technical restrictions, despite being worded differently?
gitea-mirror commented 2026-05-05 04:56:43 -06:00
Author
Owner
Copy link

@netblue30 commented on GitHub (Nov 9, 2015):

No, blacklisting will not work because of the way they set the namespace inside the kernel. I'll try to build a proxy and move the network traffic between the two loopback interfaces (the one on the host, and the one in the sandbox). I think it should work.

<!-- gh-comment-id:154902719 --> @netblue30 commented on GitHub (Nov 9, 2015): No, blacklisting will not work because of the way they set the namespace inside the kernel. I'll try to build a proxy and move the network traffic between the two loopback interfaces (the one on the host, and the one in the sandbox). I think it should work.
gitea-mirror commented 2026-05-05 04:56:45 -06:00
Author
Owner
Copy link

@Sidnioulz commented on GitHub (Jan 30, 2016):

One approach could be to create a veth pair to redirect all within-sandbox traffic to the host, and use an iptables rule to route all that traffic to 127.0.0.1? Or to another specific IP/port. I do that to redirect all my sandboxes' network traffic to my host's default gateway, providing transparent networking with bandwidth control.

<!-- gh-comment-id:177256223 --> @Sidnioulz commented on GitHub (Jan 30, 2016): One approach could be to create a veth pair to redirect all within-sandbox traffic to the host, and use an iptables rule to route all that traffic to 127.0.0.1? Or to another specific IP/port. I do that to redirect all my sandboxes' network traffic to my host's default gateway, providing transparent networking with bandwidth control.
gitea-mirror commented 2026-05-05 04:56:46 -06:00
Author
Owner
Copy link

@biergaizi commented on GitHub (Jul 13, 2017):

Two years later, and there's still no progress on it? I'd like to make a bitcoin donation to make this feature implemented 😆

<!-- gh-comment-id:315075051 --> @biergaizi commented on GitHub (Jul 13, 2017): Two years later, and there's still no progress on it? I'd like to make a bitcoin donation to make this feature implemented 😆
gitea-mirror commented 2026-05-05 04:56:48 -06:00
Author
Owner
Copy link

@chiraag-nataraj commented on GitHub (Jun 7, 2018):

As far as I know, it's been another year now @biergaizi 😉

<!-- gh-comment-id:395566754 --> @chiraag-nataraj commented on GitHub (Jun 7, 2018): As far as I know, it's been another year now @biergaizi :wink:
gitea-mirror commented 2026-05-05 04:56:50 -06:00
Author
Owner
Copy link

@guillaume-uH57J9 commented on GitHub (Nov 10, 2022):

socat to the rescue!

An alternative solution is to configure your service to be accessible via a socket file, then setup a sandbox with --net=none, and finally run socat IN the sanxbox to listen on the sandbox's loopback interface, and redirect the connection to the socket file.

If that service is torsocks, you'll need to add --whitelist=/run/tor, and run this within the sandbox:
socat TCP-LISTEN:9050,fork,bind=localhost UNIX-CONNECT:/run/tor/socks

Edit: add --whitelits mention

<!-- gh-comment-id:1310978961 --> @guillaume-uH57J9 commented on GitHub (Nov 10, 2022): [socat](https://linux.die.net/man/1/socat) to the rescue! An alternative solution is to configure your service to be accessible via a socket file, then setup a sandbox with --net=none, and finally run socat IN the sanxbox to listen on the sandbox's loopback interface, and redirect the connection to the socket file. If that service is torsocks, you'll need to add --whitelist=/run/tor, and run this within the sandbox: `socat TCP-LISTEN:9050,fork,bind=localhost UNIX-CONNECT:/run/tor/socks` Edit: add --whitelits mention
gitea-mirror commented 2026-05-05 04:56:52 -06:00
Author
Owner
Copy link

@ssokolow commented on GitHub (Dec 31, 2023):

What if we just want to keep a buggy Stable Diffusion frontend from re-downloading hundreds or thousands of megabytes of data model every time it's started but still need to access the web UI it exposes over a TCP socket?

(Bear in mind these things tend to be hellishly confusing messes of pseudo-containerized Python as soon as you need to customize their behaviour beyond choosing whether to bind to localhost or listen on all interfaces.)

I've seen multiple places (eg. this Unix & Linux StackExchange question) where people want this, but nobody seems to just provide a simple "here's an example complete solution" for the approaches suggested in #3439.

<!-- gh-comment-id:1872646009 --> @ssokolow commented on GitHub (Dec 31, 2023): What if we just want to keep a buggy Stable Diffusion frontend from re-downloading hundreds or thousands of megabytes of data model every time it's started but still need to access the web UI it exposes over a TCP socket? (Bear in mind these things tend to be hellishly confusing messes of pseudo-containerized Python as soon as you need to customize their behaviour beyond choosing whether to bind to localhost or listen on all interfaces.) I've seen multiple places (eg. [this Unix & Linux StackExchange question](https://unix.stackexchange.com/questions/478131/firejail-only-let-a-program-access-localhost)) where people want this, but nobody seems to just provide a simple "here's an example complete solution" for the approaches suggested [in #3439](https://github.com/netblue30/firejail/issues/3439#issuecomment-866724799).
gitea-mirror commented 2026-05-05 04:56:53 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Dec 31, 2023):

  • If just want to stop it from downloading stuff, --dns=0.0.0.0 or --hosts-file=... can be used to stop at DNS level.
  • It should be possible to create a tunnel using ncat when using --net=none.

but nobody seems to just provide a simple "here's an example complete solution"

Something as simple as

crablock --pasta-t=8080 --pasta-config-net=false -- /usr/bin/python3 -m http.server 8080
<!-- gh-comment-id:1872938569 --> @rusty-snake commented on GitHub (Dec 31, 2023): - If just want to stop it from downloading stuff, `--dns=0.0.0.0` or `--hosts-file=...` can be used to stop at DNS level. - It should be possible to create a tunnel using `ncat` when using `--net=none`. > but nobody seems to just provide a simple "here's an example complete solution" Something as simple as ```bash crablock --pasta-t=8080 --pasta-config-net=false -- /usr/bin/python3 -m http.server 8080 ```
gitea-mirror commented 2026-05-05 04:56:54 -06:00
Author
Owner
Copy link

@kmk3 commented on GitHub (Jan 4, 2024):

Could it work by doing nolocal in reverse?

549d59f55d/etc/net/nolocal.net (L1-L36)

549d59f55d/etc/net/nolocal6.net (L1-L41)

<!-- gh-comment-id:1876282465 --> @kmk3 commented on GitHub (Jan 4, 2024): Could it work by doing `nolocal` in reverse? https://github.com/netblue30/firejail/blob/549d59f55df0b5412eb5fbecfb3586bfa222bd8d/etc/net/nolocal.net#L1-L36 https://github.com/netblue30/firejail/blob/549d59f55df0b5412eb5fbecfb3586bfa222bd8d/etc/net/nolocal6.net#L1-L41
gitea-mirror commented 2026-05-05 04:56:56 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Jan 4, 2024):

As long you do not need loopback traffic between Sandbox and host.

<!-- gh-comment-id:1877465684 --> @rusty-snake commented on GitHub (Jan 4, 2024): As long you do not need loopback traffic between Sandbox and host.
gitea-mirror commented 2026-05-05 04:56:58 -06:00
Author
Owner
Copy link

@krichter722 commented on GitHub (Aug 10, 2024):

Summary so far: The people knowing solutions or make very elaborate suggestions making me think they can easily come up a solution have made the following suggestions:

  1. Use a Veth Interface (https://github.com/netblue30/firejail/issues/108#issuecomment-177256223, https://unix.stackexchange.com/a/484969/63502)
  2. "create a tunnel using ncat when using --net=none." (https://github.com/netblue30/firejail/issues/108#issuecomment-1872938569)
  3. --netfilter to block everything ecept 127.0.0.1 (--netfilter requires --net) (https://github.com/netblue30/firejail/issues/3439#issuecomment-866847256)
  4. --net with a bridge or tap iface (or --netns) (https://github.com/netblue30/firejail/issues/3439)

There are other great suggestions, those are just the ones that I'm sure the authors know how to make them work.

I on behalf of all other users seeking the answers (I found tons of posts asking a solution for this use case) would be very thankful for any instruction how to configure firejail to limit traffic to localhost that goes beyond an abstract suggestion how to achieve this.

<!-- gh-comment-id:2280651863 --> @krichter722 commented on GitHub (Aug 10, 2024): Summary so far: The people knowing solutions or make very elaborate suggestions making me think they can easily come up a solution have made the following suggestions: 1. Use a Veth Interface (https://github.com/netblue30/firejail/issues/108#issuecomment-177256223, https://unix.stackexchange.com/a/484969/63502) 2. "create a tunnel using ncat when using --net=none." (https://github.com/netblue30/firejail/issues/108#issuecomment-1872938569) 3. `--netfilter to block everything ecept 127.0.0.1 (--netfilter requires --net)` (https://github.com/netblue30/firejail/issues/3439#issuecomment-866847256) 4. `--net with a bridge or tap iface (or --netns)` (https://github.com/netblue30/firejail/issues/3439) There are other great suggestions, those are just the ones that I'm sure the authors know how to make them work. I on behalf of all other users seeking the answers (I found tons of posts asking a solution for this use case) would be very thankful for any instruction how to configure `firejail` to limit traffic to localhost that goes beyond an abstract suggestion how to achieve this.
gitea-mirror commented 2026-05-05 04:57:01 -06:00
Author
Owner
Copy link

@rusty-snake commented on GitHub (Aug 10, 2024):

There are different scenarios that needs to be supported:

  • Server is on the host, listening on 127.0.0.1:1234 host. Client is in the sandbox and needs to connect to the server on 127.0.0.1:1234 sandbox from 127.0.0.1 host/sandbox.
  • Server is on the host, listening on 127.0.0.1:1234 host. Client is in the sandbox and needs to connect to the server, using a different subnet isn't a problem.
  • Server is in the sandbox, listening on 127.0.0.1:1234 sandbox. Client is in on the host and needs to connect to the server on 127.0.0.1:1234 host from 127.0.0.1 host/sandbox.
  • Server is in the sandbox, listening on 127.0.0.1:1234 sandbox. Client is in on the host and needs to connect to the server, using a different subnet isn't a problem.
  • Client is in the sandbox and needs to connect to any server on 127.0.0.1:xxxx host.
  • Server is in the sandbox. Multiple clients from the host need to connect to is.

In the first and third case the target (client) resp. source (server) IP address matters. This can be the case when the admin interface is only exposed for connections from localhost or if the http Host header is relevant.

<!-- gh-comment-id:2280843643 --> @rusty-snake commented on GitHub (Aug 10, 2024): There are different scenarios that needs to be supported: - Server is on the host, listening on `127.0.0.1:1234 host`. Client is in the sandbox and needs to connect to the server on `127.0.0.1:1234 sandbox` from `127.0.0.1 host/sandbox`. - Server is on the host, listening on `127.0.0.1:1234 host`. Client is in the sandbox and needs to connect to the server, using a different subnet isn't a problem. - Server is in the sandbox, listening on `127.0.0.1:1234 sandbox`. Client is in on the host and needs to connect to the server on `127.0.0.1:1234 host` from `127.0.0.1 host/sandbox`. - Server is in the sandbox, listening on `127.0.0.1:1234 sandbox`. Client is in on the host and needs to connect to the server, using a different subnet isn't a problem. - Client is in the sandbox and needs to connect to any server on `127.0.0.1:xxxx host`. - Server is in the sandbox. Multiple clients from the host need to connect to is. In the first and third case the target (client) resp. source (server) IP address matters. This can be the case when the admin interface is only exposed for connections from localhost or if the http `Host` header is relevant.
gitea-mirror commented 2026-05-05 04:57:04 -06:00
Author
Owner
Copy link

@mxmlnkn commented on GitHub (Sep 26, 2024):

What if we just want to keep a buggy Stable Diffusion frontend from re-downloading hundreds or thousands of megabytes of data model every time it's started but still need to access the web UI it exposes over a TCP socket?

My workaround for this problem was to simply start the server and also a browser inside the firejail. E.g.:

firejail --dbus-system=none --noprofile --net=none bash -c '
    python3 -m http.server 9000 &
    google-chrome-stable --user-data-dir=$PWD/tmp-chrome-data http://127.0.0.1:9000
    kill %1
'

This then becomes reminiscent of an Electron-based application. You can browse the HTTP server but anything else, such as browsing the Internet will not work, just as desired. This is sufficient for my use case, but for other use cases such as locally running databases, it probably is not sufficient.

--netfilter to block everything ecept 127.0.0.1 (--netfilter requires --net)

I think this was a red herring and does not work. My understanding is not complete, but I tried my luck with iptables rules for the netfilter and failed. It seems to me that it always "spins up" a separate loopback device as soon as any network sandboxing is spun up. And this means that this newly spun-up lo device cannot be reached via 127.0.0.1 from outside the firejail.

<!-- gh-comment-id:2377957585 --> @mxmlnkn commented on GitHub (Sep 26, 2024): > What if we just want to keep a buggy Stable Diffusion frontend from re-downloading hundreds or thousands of megabytes of data model every time it's started but still need to access the web UI it exposes over a TCP socket? My workaround for this problem was to simply start the server and also a browser inside the firejail. E.g.: ```bash firejail --dbus-system=none --noprofile --net=none bash -c ' python3 -m http.server 9000 & google-chrome-stable --user-data-dir=$PWD/tmp-chrome-data http://127.0.0.1:9000 kill %1 ' ``` This then becomes reminiscent of an Electron-based application. You can browse the HTTP server but anything else, such as browsing the Internet will not work, just as desired. This is sufficient for my use case, but for other use cases such as locally running databases, it probably is not sufficient. > `--netfilter to block everything ecept 127.0.0.1 (--netfilter requires --net)` I think this was a red herring and does not work. My understanding is not complete, but I tried my luck with iptables rules for the netfilter and failed. It seems to me that it always "spins up" a separate loopback device as soon as any network sandboxing is spun up. And this means that this newly spun-up `lo` device cannot be reached via 127.0.0.1 from outside the firejail.
gitea-mirror commented 2026-05-05 04:57:06 -06:00
Author
Owner
Copy link

@ssokolow commented on GitHub (Sep 26, 2024):

My workaround for this problem was to simply start the server and also a browser inside the firejail.

Except that all my browsers are installed via Flatpak and I'd rather not install a whole other browser just for that purpose.

(Tightening down and babysitting the sandboxing privileges for non-containerized applications is a pain, so I only use Firejail for things not available through Flatpak yet.)

<!-- gh-comment-id:2378039621 --> @ssokolow commented on GitHub (Sep 26, 2024): > My workaround for this problem was to simply start the server and also a browser inside the firejail. Except that all my browsers are installed via Flatpak and I'd rather not install a whole other browser just for that purpose. (Tightening down and babysitting the sandboxing privileges for non-containerized applications is a pain, so I only use Firejail for things not available through Flatpak yet.)
gitea-mirror commented 2026-05-05 04:57:08 -06:00
Author
Owner
Copy link

@l8l commented on GitHub (Mar 23, 2025):

I would also very much appreciate this feature. I am running a local database on localhost that I want to query with a program that must otherwise be cut off from the internet. Would like to run something like firejail --net=local --noprofile myprogram for that. Is something like this possible already or any progress in this regard?

EDIT: I found a workaround that at least works for my case:

firejail --noprofile --net=none --name=srv start_my_local_server
firejail --noprofile --net=none --join=srv app_that_uses_my_local_server
firejail --noprofile --net=none --join=srv another_app_that_uses_my_local_server
....

The apps that joined the server can then send requests to it while being cut off from the internet.
Adapted from this post https://unix.stackexchange.com/questions/478131/firejail-only-let-a-program-access-localhost

However, in this way the server can itself not communicate with the outside world, which might be desired in some cases.

<!-- gh-comment-id:2746118714 --> @l8l commented on GitHub (Mar 23, 2025): I would also very much appreciate this feature. I am running a local database on localhost that I want to query with a program that must otherwise be cut off from the internet. Would like to run something like `firejail --net=local --noprofile myprogram` for that. Is something like this possible already or any progress in this regard? EDIT: I found a workaround that at least works for my case: ``` firejail --noprofile --net=none --name=srv start_my_local_server firejail --noprofile --net=none --join=srv app_that_uses_my_local_server firejail --noprofile --net=none --join=srv another_app_that_uses_my_local_server .... ``` The apps that joined the server can then send requests to it while being cut off from the internet. Adapted from this post https://unix.stackexchange.com/questions/478131/firejail-only-let-a-program-access-localhost However, in this way the server can itself not communicate with the outside world, which might be desired in some cases.
gitea-mirror commented 2026-05-05 04:57:10 -06:00
Author
Owner
Copy link

@biollas commented on GitHub (Nov 1, 2025):

Another vote for this feature which has been in demand for at least a decade by the looks of it.

<!-- gh-comment-id:3476955388 --> @biollas commented on GitHub (Nov 1, 2025): Another vote for this feature which has been in demand for at least a decade by the looks of it.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
serialize_remounts_v2
landlock_v4
landlock
release-0.9.64
release-0.9.62
gitlab_ci
LTSbase
fred_ctests
docs
0.9.80
0.9.80-rc1
0.9.78
0.9.76
0.9.76-rc4
0.9.76-rc3
0.9.76-rc2
0.9.76-rc1
0.9.74
landlock-split
0.9.72
0.9.72rc1
0.9.70
0.9.68
0.9.68rc1
0.9.66
0.9.66rc1
0.9.64.4
0.9.64.2
0.9.64
0.9.64rc1
0.9.62.4
0.9.62.2
0.9.62
0.9.56.2-LTS
0.9.60
0.9.60-rc1
0.9.58.2
0.9.58
0.9.58-rc1
0.9.56-LTS-release
0.9.56-LTS
0.9.56
0.9.56-rc1
0.9.54
0.9.54-rc2
0.9.54-rc1
0.9.52
0.9.38.12
0.9.50
0.9.50-rc1
0.9.48
0.9.46
0.9.46-rc1
0.9.44.10
0.9.44.8
0.9.44.6
0.9.38.10
0.9.44.4
0.9.38.8
0.9.44.2
0.9.44
0.9.44-rc1
0.9.38.4
0.9.42
0.9.42-rc2
0.9.38.2
0.9.42-rc1
disable-globalcfg
0.9.40
0.9.40-rc1
0.9.38
0.9.38-rc1
0.9.36
0.9.36-rc1
0.9.34
0.9.34-rc1
0.9.32
0.9.32-rc1
0.9.30
0.9.30-rc1
Labels
Clear labels   
LTS merge

   
LTS merge

   
bug

   
bug

   
converted-to-discussion

   
doc-todo

   
documentation

   
duplicate

   
enhancement

   
file-transfer

   
firecfg

   
firejail-in-firejail

   
firetools

   
graphics

   
help wanted

   
information_old

   
installation

   
invalid

   
modif

   
moved

   
needinfo

   
networking

   
notabug

   
notourbug

   
old-version

   
overlayfs

   
packaging

   
profile-request

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question_old

   
removal

   
runtime-permissions

   
sandbox-ipc

   
security

   
stale

   
wiki

   
wiki

   
wontfix

   
wordpress

   
workaround
No labels
LTS merge
LTS merge
bug
bug
converted-to-discussion
doc-todo
documentation
duplicate
enhancement
file-transfer
firecfg
firejail-in-firejail
firetools
graphics
help wanted
information_old
installation
invalid
modif
moved
needinfo
networking
notabug
notourbug
old-version
overlayfs
packaging
profile-request
pull-request
question
question_old
removal
runtime-permissions
sandbox-ipc
security
stale
wiki
wiki
wontfix
wordpress
workaround
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#69
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?