Hi all, Sony loves these data collection messages at the beginning of their games. They don’t even give you the option to opt-out. It is mandatory and is either “Full data” or “limited”. I don’t want to give them either. Is there a straight forward way to do this? Thanks in advance.
firejail --noprofile --net=none -- wine ...The three dots are what? The path to the .exe file? I tried that and it broke the game. It was complaining about some dx12 something. Also, I tried the firetool app, but it doesn’t have anywhere that shows the blocked apps/files. You just have to trust it.
yes, … is path to .exe, and yes I also has similar problems with some games with default wine
but for gaming I use lutris with proton, and using firejail from lutris has better results for me (almost all games works without issues)
[SomeGame] > Configure > System options > Command prefix >
firejail --noprofile --net=none --firejail --noprofile --net=none –
Is there anything after the two dashes in the
firejail --noprofile --net=none --?in lutris no, it will automatically launch as
${COMMAND_PREFIX} ${WINE} ${EXECUTABLE}Awesome, thank you so much. Do you know what the equivalent is in Heroic games launcher? They have so many options there, wrapper command, environment variables, scripts and some others. I have games there, too.
I’ve never used the Heroic launcher, but I think the “wrapper command” is what you need
Thank you. I like Heroic better because of the layout. It has all stores on one screen, unlike lutris. The wrapper is asking me to put the “path” in quotes. Oh well, I I’ll have to get used to Lutris.
Easier than…?
There are dozens of ways to block that traffic, from DNS to firewall rules to just disconnecting entirely.
Easier than messing with the terminal. I remember on windows, you set an “outbound” rule for an .exe and you’re done. I tried to do that with firejail, but the firetool doesn’t have a spot in the app where it shows what you blocked. You just have to trust it. Unless I’m blind. I looked everywhere in the app and the wizard.
Well there are probably GUI firewall rule apps, but it’s be faster just to use a command, since the apps are going to take all the same info anyway. Or you could just disconnect entirely.
DNS blocking if their telemetry domains are separate from game domains. They could technically do their own DNS resolution though.
This was my thought too. Seems easiest to me to DNS block on the firewall side (and be network wide).
Anything attempting to leave the LAN on port 53 or 853 gets redirected to my pihole and logged. It’s mostly google stuff, but TV’s do it too. A determined enshittifier could implement DoH or DoT.
Smart. Right now I just rely on various blacklists that seem to block everything I need to. I might do something like this at some point though to be sure.
I’m running opnsense virtualized. I’d recommend a spare PC with two nics to learn it on first.
Yeah, I’m already running opnsense on an old PC with an added network card. Then I use Unbound DNS with various blacklist filters on my outbound traffic.
It honestly seems good enough because I monitored it for a while when I set it up. But I don’t monitor it continually and I don’t have specific blocks that I set up myself, just the published blacklists. If something new is phoning home I’d be unaware until I check it, which is what I like about your setup.
That was actually a part of the main question, but then I decided not to include it. Opensnitch shows so many popups that I get confused which is to allow and which to deny. Sometimes things could break and a reboot is necessary.
Edit: I’m going to install it regardless. Thanks
That will be the case with any firewall, you’ll have to block everything and then figure out what is needed for the game to work as expected.
True, but I think firewalls don’t have that scary popup opensnitch has. They do their thing silently. lol
Set it to default deny and it should stop the popups!
Why not spin up a pihole instance? Once you setup your blocklists you barely have to maintain it besides the occasional update.
Hell, if you don’t have a spare machine to run it on, you can likely run it locally and then change your PC’s network to use it as your DNS resolver.
Turn off internet
That’s one way and guaranteed to work, but it’s kind of annoying.
It is possible to tighten security to the point where the system is unusable. Security and convenience must be balanced. The trick is to create a secure and useful system. ——The Arch Wiki, Security
Seems OP wants to play online only games, disconnecting might make that impossible.
deleted by creator
