1

Is it possible to prevent a single app to access the internet with firewalld?

To be precise, i have an application packaged as an AppImage, currently installed in my Home directory, and I want it to be blocked internet access.

The firewalld GUI only let me configure IP's, MAC's, services, and so on, but I can't find a way to manage single applications. Is it even possbile at all?

It if matters, I'm using openSUSE.

Is there a way to do so?

Improve this question

2 Answers 2

Reset to default
2

IIRC no - even services are basically rules based on ports - it's literally an XML file. As such, it's a little trickier, but not very much so.

You could use netstat or other means to work out what ports the application uses.

netstat -p | grep program would be a simple example of this.

Then write your own unit for the application to block the ports.

As far as I understand, firewalld isn't application based, it's just a front end for the port based firewall, with a few nice addons like zones.

You might be able to do this with something like SElinux or Apparmour instead, though naturally it's a different route from what you're trying.

Improve this answer
1
  • Thank you for your answer. I'll try this workaround and do more research.
    – Sekhemty
    Commented Nov 6, 2018 at 11:49
0

Is there a way to do so?

A software called firejail(available in the Ubuntu repository) can block internet access for appimage programs. Use the following code:

firejail --appimage --noprofile path/to/appimage
Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .