mirrors/opensnitch
1
0
Fork 0
mirror of https://github.com/evilsocket/opensnitch.git synced 2025-03-04 16:44:46 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
408 commits 11 branches 43 tags 36 MiB
Commit graph

102 commits

Author SHA1 Message Date
Gustavo Iñiguez Goia
845e6a704f Intercept and parse UDPLite connections 
/proc/net/udplite[6]
 2019-10-29 20:01:45 +01:00
Gustavo Iñiguez Goia
a0eacfb8b8 Allow to intercept localhost and multicast connections 2019-10-29 19:53:07 +01:00
Gustavo Iñiguez Goia
65c3790106 Prompt the user to allow/deny all outgoing connections 
With the current implementation, it's not possible to know what
process/pid has created an outgoing connection, but there's still
valuable information that the user may want to know, so:

- display outgoing connections even if the process name/path is unknown.
 (src ip, dst ip, dst port, uid)
- get outgoing connection uid if kernel > 3.6.
 2019-10-25 00:55:32 +02:00
Gustavo Iñiguez Goia
9cc3da6446 experimental cache of inodes and pids 
Just an experimental cache of inodes and pids, which lowers the CPU
usage and improves user's experience.
 2019-10-24 01:01:20 +02:00
Gustavo Iñiguez Goia
dea50635d5 Merge branch 'fix_process_finding' into main 2019-10-21 19:48:17 +02:00
Gustavo Iñiguez Goia
59a11a530c Workaroung process name lookup 2019-10-21 19:45:35 +02:00
Gustavo Iñiguez Goia
5690d37d52 Merge branch 'clean_fw_rules_before_start' into main 2019-10-21 19:25:42 +02:00
Gustavo Iñiguez Goia
8922d445af Clean firewall rules before start 
If opensnitchd dies unexpectedly, firewall rules are not cleaned up.
 2019-10-21 19:23:29 +02:00
Gustavo Iñiguez Goia
ad70655698 removed useless trace log 2019-10-21 00:40:26 +02:00
Gustavo Iñiguez Goia
ce71c383a9 fixed missing funcs declarations and non used var 2019-10-21 00:04:15 +02:00
Gustavo Iñiguez Goia
dedd009204 Merge branch 'daemon_default_config' into main 2019-10-21 00:02:25 +02:00
Gustavo Iñiguez Goia
067d0d8eed Merge branch 'fixed_unwanted_rules_reloading' of github.com:gustavo-iniguez-goya/opensnitch into main 2019-10-20 23:46:04 +02:00
Gustavo Iñiguez Goia
2c3339c728 Merge branch 'fix_grpc_sockets_leaks' into main 2019-10-20 23:25:21 +02:00
Gustavo Iñiguez Goia
1778a5502a Merge branch 'fix_race_read_write_stats' into main 2019-10-20 22:28:45 +02:00
Gustavo Iñiguez Goia
a7e9b5072f project import paths changed 2019-10-20 21:51:35 +02:00
Gustavo Iñiguez Goia
843924fff4 Fixed unwanted rules reloading after adding a new one 
fixes #271
 2019-08-13 19:19:17 +02:00
Gustavo Iñiguez Goia
3bc83efd10 apply default action to connections that can not be parsed 
If a connection can not be parsed for some reason, apply the default
action configured.
 2019-07-31 01:44:41 +02:00
Gustavo Iñiguez Goia
eeed991f8d Allow to configure daemon's default action rule 
If the file /etc/opensnitchd/default-config.json exists,
read it and apply the options to the default rule when there's no client
connected.

If it doesn't exist, just apply the default rule, allow connections
once.

Config example: {"default_action": "deny", "default_duration": "once"}
 2019-07-02 23:41:41 +02:00
Gustavo Iñiguez Goia
e356c84baa Fix grpc sockets leaking when connecting to a UI 
Failured connections to a UI were not being closed, so we ended up
with > 1024 opened sockets, which caused the error Too many files open.
 2019-06-29 13:55:44 +02:00
Gustavo Iñiguez Goia
57d1198635 Fixed race when reading and collecting stats 
When reading stats, a race can occur when sending them to remote UI via
Ping()s if at the same time more stats are being collected(written).
 2019-06-29 13:46:26 +02:00
Peter Stöckli
0efcfe9e65
also detect applications that use the AF_INET6 socket for IPv4 connections 2019-05-13 11:14:58 +02:00
Northern-Lights
ba00f91bde
Fix QueueDNSResponses to include ip6tables 2019-01-26 20:56:12 -08:00
Armen Boursalian
cc3786b919 Fix ignored err check in RunRule 2018-12-30 19:07:05 -08:00
Christina Lena Korosec
08c3e17c37
Fixes #228: Parse IP and port to uint 2018-12-13 12:08:44 +01:00
evilsocket
61cf3d1e08
Merge pull request #224 from jkozera/jkozera/list-rule-type 
Add a 'list' rule type
 2018-11-22 01:56:27 +01:00
Jerzy Kozera
22c4aca5d0 IPv6 support 2018-11-21 22:57:43 +01:00
Jerzy Kozera
616fef6e83 Add a 'list' rule type 2018-11-21 22:51:33 +01:00
Armen Boursalian
a8a52f8650 RWMutex may help performance in DNS tracking 2018-08-28 08:21:26 -07:00
Armen Boursalian
b95c63f0c0 #176: IP -> CNAME -> orig. domain display 2018-08-28 08:20:42 -07:00
Armen Boursalian
bb2ca3887c Put DNS rule higher up in chain 2018-08-23 22:44:48 -07:00
Northern-Lights
f4162b9384
Update probed function sys_execve to do_execve 2018-08-12 13:02:33 -07:00
evilsocket
6962c19de2
fix: calling ftrace probe Reset in order to start from a clean state (fixes #159) 2018-04-18 02:00:12 +02:00
evilsocket
461e6b678e
using ftrace in order to track pids in realtime 2018-04-17 18:08:03 +02:00
evilsocket
96cc94180e
misc: small fix or general refactoring i did not bother commenting 2018-04-16 19:28:28 +02:00
evilsocket
d4cca89329
optimization 2018-04-16 19:12:46 +02:00
evilsocket
a80f41a147
misc: small fix or general refactoring i did not bother commenting 2018-04-16 17:51:54 +02:00
evilsocket
bd2be803c9
made computations during stats collection async in preparation for #139 2018-04-16 13:17:10 +02:00
evilsocket
494cf1ab1a
migrating from glide to dep (closes #147) 2018-04-15 16:51:58 +02:00
evilsocket
d37cd40495
implemented process.env.ENV_VAR_NAME operand (closes #152) 2018-04-15 16:18:49 +02:00
evilsocket
4560219b92
parsing process env (ref #152) 2018-04-15 15:47:08 +02:00
evilsocket
55e7ad9702
misc: small fix or general refactoring i did not bother commenting 2018-04-15 15:40:40 +02:00
evilsocket
b014a4069e
misc: small fix or general refactoring i did not bother commenting 2018-04-15 15:39:43 +02:00
evilsocket
51bf34139e
limiting the number of elements the stats can have 2018-04-15 15:15:59 +02:00
evilsocket
4e9117c9de
new process.command operand 2018-04-15 14:58:23 +02:00
evilsocket
4699e13d9e
misc: small fix or general refactoring i did not bother commenting 2018-04-13 11:18:26 +02:00
evilsocket
c311a85dbc
misc: small fix or general refactoring i did not bother commenting 2018-04-12 11:32:03 +02:00
evilsocket
87967c5e9a
misc: small fix or general refactoring i did not bother commenting 2018-04-12 11:26:17 +02:00
evilsocket
6883af4165
misc: small fix or general refactoring i did not bother commenting 2018-04-11 19:19:37 +02:00
evilsocket
ec6ecea8b4
UI is now using python3 2018-04-11 15:35:29 +02:00
evilsocket
3a5932de38
misc: small fix or general refactoring i did not bother commenting 2018-04-10 20:04:59 +02:00