Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Q&A

Comments on Why do many Windows games fail when the network is sandboxed?

Post

Why do many Windows games fail when the network is sandboxed?

+3
−0

I run Windows games with Wine, and use bwrap to sandbox them. I've noticed that passing --unshare-net to disable the network breaks many, many games (they fail to start with no obvious error message). However, at the same time, if I do nmcli networking off instead of --unshare-net the game launches fine.

Why would --unshare-net crash a Windows program on launch, and how can I block internet access from inside bwrap?

History
Why does this post require attention from curators or moderators?
You might want to add some details to your flag.
Why should this post be closed?

1 comment thread

Am going to *guess* the resulting sandbox reports that network is *connected*, but has no route to wh... (4 comments)
Am going to *guess* the resulting sandbox reports that network is *connected*, but has no route to wh...
jimbobmcgee‭ wrote over 1 year ago

Am going to guess the resulting sandbox reports that network is connected, but has no route to whatever DRM/anti-cheat/always-online endpoint is embedded in the Windows game.

As opposed to network reporting disconnected if you turn off your networking with nmcli.

I'd guess the logic for some games is if connected; then if not server-is-reachable; then assume nefarious; fi; fi...

matthewsnyder‭ wrote over 1 year ago

jimbobmcgee‭ Interesting - I'm not sure if that's true, but it would certainly explain it if so. Any idea on how I can confirm it?

jimbobmcgee‭ wrote over 1 year ago · edited over 1 year ago

It depends if you can afford for the game's network traffic to actually reach home.

For capturing outbound network traffic, I'd use tshark or tcpdump to write a pcap file, then examine it in Wireshark. I'd be looking for the differences between network traffic when I was sandboxed vs when I was not.

You'd need to run the capture inside your sandbox, alongside your game, and I don't know if bwrap would let you do that. Maybe bwrap a shell and invoke both commands from that same shell?

At a lower level, you might look at strace to invoke the game and spool a lot of debug info while it is running, but you'd need more specialist help to interpret the results.

matthewsnyder‭ wrote over 1 year ago

That's a good idea - I'll give it a try next time I run into this.

With bwrap, it is indeed possible to capture diagnostics both inside and outside. Outside will include the activity of bwrap itself on top of what the program inside does. Both might be interesting in this case.