Ubuntu – How to disable Internet connection for a single process

firewallinternetinternet connectionnetworking

I know the PID of a specific process and I want to disable the Internet access for this process and only for this process, so other process can access Internet.

Is there any way to do it?


I googled some stuff and found a way to disable Internet for executable programs.
But I need, for example, to have two running chrome, one having access to Internet and other not.

Best Answer

  • I've just had the same question and found a really nice solution on ubuntuforums.org

    Summary

    • add a group "no-internet" and add your user to it

      sudo addgroup no-internet
      sudo adduser $USER no-internet
      
    • add a iptables rule to prevent that group from accessing the network:

      iptables -I OUTPUT 1 -m owner --gid-owner no-internet -j DROP
      
    • run the process you don't want to have internet access like with sg (execute command as different group ID):

      sg no-internet "process command line"
      
  • Related Question