Tuesday, July 04, 2023

Re: Block network access completely for certain programs

On 7/4/23 13:08, rat1 wrote:

> How do I block the network access completely for a certain program with a
> blacklist or whitelist, whitelist preferred, with OpenBSD's pf(4)? My pdf
> reader, music player, video player, vim and much more shouldn't have access
> to networking at all. I remember it being possible with the Windows
> firewall program to choose a certain program to be completely
> networking-less. Is this possible with OpenBSD too? I couldn't find
> anything in the man pages or in the FAQ regarding this issue.

pf(4) is primarily an IP-based filter. You are looking for a filter
that applies at the application level, which will likely require a
program from ports. You might be able to achieve what you want with
pf by having multiple rdomain(4)s, using pf to block traffic based on
rdomain, and executing programs by routing them to use the corresponding
rtable(4); but that is almost certainly not what you want.
