Page 1 of 1
Wine Block internet access for a specific prefix
Posted: Fri Mar 12, 2021 1:19 pm
by trister
I think this might not be the place to post a wine related script but I think it is the most easy to find spot.
I wanted to block access to the internet for some WINE apps.
I found many suggestions in the internet:
- using firejail : Did not work
- Modifying wine registry : Did not work
- Using a different user to run wine and then block using iptables : It might have worked but I don't want to do that.
What I found and it works for me (Buster Dog + wine appimage I posted in this forum) is this.
I created a script eg test.sh
Code: Select all
cd "/root/.wineCB14/drive_c/Program Files/testprogram/"
WINEPREFIX="/root/.wineCB14/" unshare -n wine test14.exe
I run this and it worked.
Re: Wine Block internet access for a specific prefix
Posted: Tue Mar 16, 2021 5:14 pm
by mikeslr
trister wrote: ↑Fri Mar 12, 2021 1:19 pm...
What I found and it works for me (Buster Dog + wine appimage I posted in this forum) is this.
I created a script eg test.sh
Code: Select all
cd "/root/.wineCB14/drive_c/Program Files/testprogram/"
WINEPREFIX="/root/.wineCB14/" unshare -n wine test14.exe
I run this and it worked.
Hi trister,
I just want to be certain I understand what's happening in your example.
There already was a windows program named test14.exe located in the /root/.wineCB14/drive_c/Program Files/testprogram/ folder. The script, test.sh whose code is:
#!/bin/sh
cd "/root/.wineCB14/drive_c/Program Files/testprogram/"
WINEPREFIX="/root/.wineCB14/" unshare -n wine test14.exe
is used to initiate the test14.exe program.
So started, the test14.exe can NOT access the internet. The script is specific to the test14.exe program and has no effect on any other program you might be able to run under wine.
Is this correct?
Re: Wine Block internet access for a specific prefix
Posted: Fri Mar 19, 2021 10:51 am
by trister
Hello, sorry for the late reply. All my links point on the old not-working puppy.
First of all I don't know exactly how the "unshare" command works.
From practical point of view:
I use the ".wineCB14" wineprefix to run a specific program (and contains ONLY that program).
The above commands indeed block it from accessing internet.
Other wine prefixes seem to access internet ok.
If I had another program in the ".wineCB14" wineprefix and run it without the "unshare" command I suspect that it WOULD be able to access the internet (haven't tried it though)
you could try it with a ping command :
Code: Select all
unshare -n wine ping www.google.com
wine ping www.google.com