Some applications can be really annoying sometimes because they continuously asked us to login at the application startup if you have an active internet connection. In this post i am going to share a method with you to block certain applications from accessing the internet. When you need to run a particular application without internet, all you need to do is running the application by a different command as i described in below.

Step 1: Open the terminal and execute following commands to create and add a new user group called “no-internet”.

groupadd no-internet
useradd -g no-internet username

Step 2: Now let’s create the custom command by creating a new script and put it in /usr/bin/ directory (or create the script file directly in that directory).

nano /usr/bin/no-internet

Now type the following script. Then save and exit.

sg no-internet "$@"

Now let’s make that executable by the following command.

chmod 755 /usr/bin/no-internet

Step 3: Now we should add a rule to iptable to drop the network activity for the newly created group. Since we need to execute this command after a every reboot, we are going to put it in (.profile) script file. You can find it

Open /root/.profile file using a text editor and put the following line at the end. Then, save it.

iptables -I OUTPUT 1 -m owner --gid-owner no-internet -j DROP

Step 4: Now everything is setup. To see a effect, you need to reboot the system or need to execute this command manually.

iptables -I OUTPUT 1 -m owner --gid-owner no-internet -j DROP

Now run a program like this to test. (here i test the firefox browser)

no-internet "firefox"

Now you could run any program using this new command.