Tutorial Unity How to block internet from any Unity or any other game or application.


Jan 15, 2018
This is a tutorial on how to block the internet for any Unity game or any application in general.
This is intended for Linux and later using Lutris.
I'm making this thread for the same reason that I don't trust Unity with my usage data and for my privacy.

All the commands are using root, you can use sudo -i for example to change user to root.

1- Create a new group no-internet

groupadd no-internet

2- Check the recent created group

grep no-internet /etc/group

3- Add a new user or an existing user to no-internet group

New user:
useradd -g no-internet <new_user_name>
Existing user:
usermod -a -G no-internet <your_user_name>

4- Check the user groups

groups <user_name>

5- Create a script in your path and make it executable

Use your preferred text editor, in this case we use nano.
nano /home/<user_name>/bin/no-internet
Content of script:
    sg no-internet "$*"
Make the file executable.
chmod 755 /home/<user_name>/bin/no-internet

6- Add iptables rule for dropping network activity for group no-internet

 iptables -I OUTPUT 1 -m owner --gid-owner no-internet -j DROP
In case you would want to make an exception and allow a program to access local network:
iptables -I OUTPUT 1 -m owner --gid-owner no-internet -d -j ACCEPT
iptables -I OUTPUT 2 -m owner --gid-owner no-internet -d -j ACCEPT
iptables -I OUTPUT 3 -m owner --gid-owner no-internet -j DROP
Check it, for example on Firefox by running:
no-internet firefox

7- Check your iptables rules

Iptables works the same as route in windows, if you do it wrong you can reboot and iptables rules return to default.
So to make rules permanent you need to create some files to make it works.

You can check your iptables using
iptables --list
This gonna output a lot of text, you can filter with the group we are interested: OUTPUT
iptables --list OUTPUT

You noted that if you follow this guide, our rule is located in the first position, and if you using UFW firewall you can see a lot of rules with its prefix.
Just be careful not to mess around those UFW rules because this may make your firewall useless.

8- Backup your iptables rules

Before anything if your iptables work as you intended, we'll be making a backup of the rules so we can work with them in the next steps.
    iptables-save > /etc/network/iptables.ipv4.rules
    ip6tables-save > /etc/network/iptables.ipv6.rules

9- Make an automated backup of iptables rules

Now we need to automated the step before, so in the next reboot the rules should be loaded to iptables.

Make this following script file.
This gonna execute after a the network interface is down, generally on a reboot or shutdown. Hence the if-post-down.
nano /etc/network/if-post-down.d/iptables_save_rules
Inside copy this code.
    iptables-save -c > /etc/network/iptables.ipv4.rules
    ip6tables-save -c > /etc/network/iptables.ipv6.rules
    exit 0
Make the file executable.
chmod +x /etc/network/if-post-down.d/iptables_save_rules

10- Make an automated restore of iptables rules

For restore the iptables rules when we return to our PC, we need to make another script.
This gonna execute before the network interface is up, generally when turn on our PC. Hence the if-pre-up.
nano /etc/network/if-pre-up.d/iptables_restore_rules
Inside copy this code.
    if [ -f /etc/network/iptables.ipv4.rules ]; then
        iptables-restore < /etc/network/iptables.ipv4.rules
    if [ -f /etc/network/iptables.ipv6.rules ]; then
        ip6tables-restore < /etc/network/iptables.ipv6.rules
    exit 0
Make the file executable.
chmod +x /etc/network/if-pre-up.d/iptables_restore_rules

11- Using Lutris with no-internet

This make a lot more easy after all we done so far.
Open Lutris and go to an existing game, or install a new game, go to Configure, go to System Options and then scroll down to Command Prefix
Add only no-internet and then Save
Check the game if its connect to the web.

12- If all is successful make Lutris defaults run with no-internet

Open Lutris and on the left side column you se a section called Runners, hover the mouse on Wine and go to cogwheel Configure
Here is where all the defaults for Wine is setup, so we need to go to System Option, scroll down to Command Prefix and add no-internet

13- Known issue

With this approach there is one issue with Lutris and that is the path to the executable of the game should not content whitespaces because of the shell interactions of the script.
The passage of lutris > no-internet > sg make the shell interpret the strings quotes and lost it in the next steps, so the only problem are the spaces in between names.

So for this to work correctly with Lutris, the path need to be without spaces.
Last edited: