How can I block all programs and files in a certain folder from accessing the internet (recursively)?

So I want to make it so that nothing executed inside a certain folder (or inside folders inside that folder) can make any internet requests (block all access).

I'm not aware of any way to create firewall rules based on the path location within the file system. The easiest option would be to create a virtual machine without internet access, and run the executable files from there.

Another option: examine what ports are being used when you run those files and block them. This may not be very effective if the program is capable of retrying to connect on multiple ports. In that case, it becomes a tedious cat-and-mouse game.

On a more technical level, if you have the source code to those files you can also examine what ports, DNS names or IP addresses are being referenced and block those directly.


I was thinking of iptables, but that would be more applicable to user accounts, rather than directories.
There is also Firejail.


My only requirement is that it blocks anything inside a folder (recursively) from accessing the internet, and it's not overly difficult to set up.

Any object within a folder that can make internet requests or is accessing the internet must be Software, correct? These are not individual files that you are asking about?

If so, Firejail or Bubblewrap should suit your need.
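
Added example, not part of the thread: a shell wrapper that approximates the per-folder rule with the tools named above, launching anything that resolves inside an assumed folder (`RESTRICTED_DIR`, default `~/untrusted`) under `firejail --net=none`, or `bwrap --unshare-net` when Firejail is absent. The function names are hypothetical.

```shell
#!/bin/sh
# Added example. RESTRICTED_DIR is an assumed location; adjust to your folder.
RESTRICTED_DIR="${RESTRICTED_DIR:-$HOME/untrusted}"

# Return 0 if $1 resolves (symlinks followed) to a path inside directory $2.
is_under() {
    target=$(realpath -- "$1" 2>/dev/null) || return 1
    base=$(realpath -- "$2" 2>/dev/null) || return 1
    case "$target" in
        "$base"/*) return 0 ;;   # trailing slash stops /untrusted2 matching /untrusted
        *) return 1 ;;
    esac
}

# Print the command prefix of whichever sandbox tool is installed.
pick_sandbox() {
    if command -v firejail >/dev/null 2>&1; then
        echo "firejail --quiet --net=none --"
    elif command -v bwrap >/dev/null 2>&1; then
        # Same filesystem view, but a new, empty network namespace.
        echo "bwrap --dev-bind / / --unshare-net --"
    else
        return 1
    fi
}

# Run "$@"; if the program lives under RESTRICTED_DIR, run it without network.
run_guarded() {
    prog=$1
    case "$prog" in
        */*) ;;                                          # explicit path given
        *) prog=$(command -v "$prog" 2>/dev/null || echo "$prog") ;;  # PATH lookup
    esac
    if is_under "$prog" "$RESTRICTED_DIR"; then
        # Fail closed: never fall back to an unsandboxed launch.
        sandbox=$(pick_sandbox) || {
            echo "no sandbox tool found; refusing to run $prog" >&2
            return 126
        }
        $sandbox "$@"    # intentional word splitting of the prefix
    else
        "$@"
    fi
}
```

This only confines programs started through `run_guarded`; a binary launched directly from the folder is not affected. Child processes of a sandboxed program inherit the network-less namespace.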

Why was I under the impression that Firejail was a macOS thing only? :thinking: I really should check it out, it looks like quite an interesting project.

