How can I prevent a particular program from using the internet?

WhoZero · December 11, 2018, 9:23am

How can I prevent a particular program from using the internet in the Workstation?

Thanks for help.

0brand · December 11, 2018, 11:26am

You can use firejail

From the command line

firejail –net=none some_app

In custom firejail profile:

net none

https://whonix.org/wiki/Whonix-Workstation_Security#Firejail

https://firejail.wordpress.com/features-3/man-firejail/comment-page-1/

WhoZero · December 11, 2018, 2:12pm

Thank you for your answer.
I want to prevent keepassxc from being able to establish an internet connection, But keepassxc must be able to save the database file. I am not sure if firejail is the right solution.

is there no firewall in the gateway which can prevent keepassxc for internet connection?

Patrick · December 11, 2018, 3:09pm

Free Support for Whonix ™ also applies.

Algernon · December 11, 2018, 9:48pm

tbh I’m not that familiar with keepassx. Does it need networking in general? If it does not make any connections on its own, there is nothing to block. You could also just clone the VM, remove the network interface and use the clone just for password storage. Or if the VM needs to be online you need to take a closer look at the firewall config, firejail or maybe apparmor. If in doubt, you could/should always make a backup/snapshot prior to testing.

WhoZero · December 12, 2018, 9:24am

Thanks for your Answer, this was helpful.