The VideoLAN Forums

Posted: **11 May 2016 14:53**

Here's the setting in VLC I'm looking for: "disable all network activity?" [check yes], done. VLC is now permanently in "offline mode." Does this simple setting exist?

Don't really care if the setting disallows incoming connections as well. I'm a recent convert coming from win7 and really missing the application-based firewall which worked so well. gufw is like a fisher-price firewall compared to the windows firewall and custom ipsec rules you could setup with the MS snap-in console. The "accepted solution" appears to be extremely inconvenient, especially when the "arguments" to VLC will be whatever media file is double-clicked.

The other possible solution is an experiential firewall that you need to compile yourself. I don't understand the words: "Quick start: Run lpfw as root. Run python gui/gui.py as regular user." I'm assuming that translates to: "sudo lpfw" and then I don't know what the python bit is.

I noticed in /usr/bin, vlc and vlc-wrapper permissions can be set to a different group. Following the above instructions again, can you simply select group "ni" here for both items and then you're done permanently? They're currently on group "root".

Posted: **11 May 2016 18:29**

There are no such settings in VLC. That wouldn't work as some of the network access is via third party libraries.

Posted: **12 May 2016 14:44**

There are no such settings in VLC. That wouldn't work as some of the network access is via third party libraries.

I don't really buy that. The libraries still run under the context of the VLC application no? In win7 it was so easy to block, just select vlc.exe, put a deny on it, and it's not making any outgoing connections, at least for playlist files. So far I've spent so many hours trying to find application firewalls in Linux -- curiously they don't seem to exist. Douane is about the closest I've came, but it acts like an alpha release, especially in non-systemd environments. APF = abandonware.

SELinux = NSA.
AppArmour seems notorious for breaking things. So I haven't even tried these yet.
Firejail shows somewhat promise, although again passing args to VLC == double-clicking media so I don't really see how that works.

It's like this guy asks, have I looked hard enough?

Posted: **12 May 2016 19:48**

I'll be waiting for your patch since you obviously know better.

Posted: **13 May 2016 07:48**

I'll be waiting for your patch since you obviously know better.

Your requested lucky 7 lines of code:

Code: Select all

sudo apt-get install firejail
sudo ln -s /usr/bin/firejail /usr/local/bin/vlc
mkdir -p ~/.local/share/applications/
cp /usr/share/applications/vlc.desktop ~/.local/share/applications/
sed -ri 's|(Exec=)/[^ ]*/([^ ]*)|\1\2|' ~/.local/share/applications/vlc.desktop
sudo sed -i '$a net none' /etc/firejail/vlc.profile
sudo reboot -f

It's alive...IT'S ALIIIIIIIIIIIIIIIIVE! HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!!!

Posted: **14 May 2016 19:10**

Ahaha. Topic closed.

The VideoLAN Forums

Ubuntu: is there any setting within VLC that disallows all outgoing network connections?

Ubuntu: is there any setting within VLC that disallows all outgoing network connections?

Re: Ubuntu: is there any setting within VLC that disallows all outgoing network connections?

Re: Ubuntu: is there any setting within VLC that disallows all outgoing network connections?

Re: Ubuntu: is there any setting within VLC that disallows all outgoing network connections?

Re: Ubuntu: is there any setting within VLC that disallows all outgoing network connections?

Re: Ubuntu: is there any setting within VLC that disallows all outgoing network connections?