Open Futureknows opened 3 years ago
Maybe with --net=br0 and a bridge that has direct inet access.
Thanks. I noticed that if I launch a firejail on net=virbr0 (the Red Hat default bridge) before I connect to a VPN with Network Manager, then I can run inside and outside the systemwide VPN simultaneously with jails. However, any firejails launched with net=virbr0 after connecting to a VPN through Network Manager don't get a connection. I'm sure this can be fixed by editing iptables, but it's beyond me. It would be a very handy feature.
On Tue, Apr 6, 2021 at 7:28 AM rusty-snake @.***> wrote:
> Maybe with --net=br0 and a bridge that has direct inet access.
Once I enable an OpenVPN connection using Network Manager, is there a way to force discrete jails to connect outside the tunnel? If I use --net=enp10s0 (the default ethernet interface), it still tunnels through the OpenVPN connection. Sometimes, if I open firejails this way before establishing an OpenVPN connection through Network Manager, they remain discrete, but after enabling OpenVPN, subsequent enp10s0 jails get routed through the tunnel.