Ubuntu – How to block internet access for wine applications


How can one prevent specific or any wine applications from accessing the internet?

When using certain applications under Windows, they were trying to access the internet from time to time without any obvious reason. I was able to prevent that behaviour with a personal firewall back then. Unfortunately I did not find an application level firewall in Ubuntu up to now. This is especially annoying when I am abroad using data-roaming with my 3G modem.

Best Answer

There's a nice tutorial on blocking any given program from accessing the Internet on the Ubuntu forums.


sudo addgroup no-internet  # Create group "no-internet"
sudo adduser $USER no-internet  # Add current user to no-internet

iptables rule to prevent that group from accessing the network

sudo iptables -I OUTPUT 1 -m owner --gid-owner no-internet -j DROP
sudo ip6tables -I OUTPUT 1 -m owner --gid-owner no-internet -j DROP # To also block IPv6 traffic

Process you don't want to have internet access using sg or sudo -g (execute command as different group ID):

sg no-internet -c "processFullPath args"

It basically involves creating a new group, denying it Internet access, and then running any program you want to restrict as that group ID. So in your case, you would just always run wine using the method described in the tutorial.