- Removed hardcoded sizes for buttons.
- Buttons horizontal layout adjusted to properly show the countdown
(#1274).
Note:
'Maximum' vertical policy does not seem to work with qt-material
and QToolButton, the button height is resized to 0. 'Preferred' seems
to work as expected.
The GUI and daemon versions are displayed in 2 different locations:
- ui: in the title of the main window.
- daemon: in the lower right corner.
Now instead of showing the daemon version as "Version: x.y.z", we
show "Daemon version: x.y.z".
Closes: #1278
We were not matching the end of the domain, which could lead to allow
more domains than expected.
kudos to @FWDekker for reporting this issue.
Closes: #1264
When saving the preferences, we check if the user changed the address of
the node. Usually the current node address is the same than the one
loaded, but some gRPC versions does not report it, so we use
"unix:/local" as the address of the node.
As this address is different than the one configured, we were displaying
unnecessary restart messages to the users.
In some distros like Ubuntu 25, we were not displaying the fw button
icon, which made the button practically hidden to the user.
We assumed that if 'document-new' or 'emblem' icons were available,
the rest of the icons would be available as well, so we wouldn't need
to fallback to Qt's builtin icons.
However on Ubuntu 25 for example, despite of 'document-new' being
available, the icon 'security-high' was not being displayed when it was
loaded from the stats.ui file.
Loading it from code with QIcon.fromTheme() works fine, and even if
it's not found (which sometimes happens), we'd fallback to Qt's builtin
icons.
Other icons may be optional, but icons without text need to have an
icon always.
- minor formatting change.
- removed unused code.
This commit does not change behaviour but reduces the multitude text
arguments of format() down to one.
Ref: c5e24c04f1 ("ui,netstat: allow to filter listed connections")
- daemon: Allow to dump XDP sockets from kernel.
- ui: Added options to filter by RAW protocol and AF_XDP family.
- Bumped vishvananda/netlink version to v1.3.0.
- Updated go.mod and go.sum
We were failing adding system fw rules when the user selected a
destination port by service name.
We allow to specify port ranges with '-' (8080-8088), and as some
service names contain '-' in the name (ftp-data, netbios-ns), it was
failing.
Fixes error when running `opensnitch-ui` again:
> if service:
> ^^^^^^^
> NameError: name 'service' is not defined. Did you mean: 'UIService'?
Fixes: cdf93c72c1 ("ui: fixed delay closing the GUI")
Protobuffers compiled with protobuf < 3.20.0 are incompatible with
protobuf >= 4.0.0:
https://github.com/evilsocket/opensnitch/wiki/GUI-known-problems#gui-does-not-show-up
This has been a source of problems for some users (#1214, #647), and
in some distributions, previous protobuffer does no longer work due to
incompatibility with the protobuf package version installed
(OpenSuse Tumbleweed).
So in order to solve this issue, we provide several protobuffers,
for old and new protobuf versions:
proto/ui_pb2* for protobuf >= 4.0.0
proto/pre3200/ui_pb2* for protobuf >= 3.6.0 and < 3.20.0
To avoid import errors, each protobuffer must be placed in its own
directory, and the name of the protobuffer files must be named with
the syntax <prefix>_pb2.py/<prefix>_pb2_grpc.py:
ui_pb2.py and ui_pb2_grpc.py
The default compiled protobuffer will be opensnitch/proto/ui_*.py
instead of opensnitch/ui_*.py
- Clicking on a column will display the details of that item (IP,
process, etc).
DstIP, DstPort and UserID columns will open the details of the
selected item.
Clicking on the PID column will open the process monitor dialog.
The rest of the columns will open the details of the process.
- On the Events tab, clicking on the PID column will open the process
monitor dialog.
Commands with non-printable characters were misaligning the labels.
Now these characters are exclude from the labels, and texts are
displayed as a single line.
Under Wayland the GUI doesn't work entirely well (#733).
Setting QT_QPA_PLATFORM to 'xcb' solves some issues, like correctly
positioning popups, but users had to configure it manually.
Now it's possible to configure it from the Preferences dialog.
Setting it to "" will use the default option of the Desktop Environment.
Up until now it when changing the node address, you changed the server
adress as well (i.e: the address where the GUI is listening for
connections).
This simplified configuration when you had 1 node and addresses were
changed at the same time. But in other situations, you were not able to
change the server (GUI) address from the Preferences dialog.
So now:
- the address of each node is changed from the Nodes tab.
- the address of the server (GUI) is changed from the UI tab.
When there were no nodes connected, we disabled the global fw button
that enables/disables the fw.
Unfortunately when a node connected to the GUI, this button was not
clickable anymore.
When disabling the fw, we change the default input and output policy to
Accept, not to block connections.
Due to a problem reloading the fw in the daemon, the policy was not
changed as expected.
This problem must be fixed in the daemon, but for the time being,
sending two configuration changes solves the issue (one for changing the
policy, and another one for disabling the fw).
Closes: #1225
