- Allow to receive and display errors when deleting app rules.
- Fixed error displaying notifications on the main window.
- Improvements to receive notifications on the fw dialog.
When selecting a user from the dropdown list, it should set the uid of
the user in the text line. But sometimes, the format "user (uid)" was
set (instead of just "uid").
- Added options to configure authentication type and certs from the
preferences dialog.
- Reorganize code a little bit to displaya message when restarting the
GUI is needed.
* require pyxdg
* extend xdg, introduce autostart
* use xdg_current_desktop from opensnitch.utils.xdg
* control autostart in tray
* dont use pkill anymore
* check if os-ui is already running
* don't require pyxdg (for now)
* simplify xdg_current_desktop
* do not use pyxdg (for now), use some code from there
* update autostart status when menu is open
* fix possible SameFileError
There have been some issues (#673) informing that the notifications
timeout were not working on KDE.
On 843412d I wrote that the timeout unit is millisecond, as stated on
the docs here:
https://notify2.readthedocs.io/en/latest/#notify2.Notification.set_timeout
But after some trial and error:
- set_timeout() units are in seconds, at least for KDE 5.26.3, Xfce
4.18 and GNOME 43.
- not specifying the timeout with set_timeout() lets the Desktop
Environment handle the timeout for us, from their respective
preferences window.
So at least now there're some DEs where the notifications are closed as
expected.
- Previously we only supported multiple ICMP types on the same rule
by adding multiple keys:
Key: type
Value: echo-request
Key: type
Value: echo-reply
Now it's possible to specify them using ',':
Key: type
Value: echo-request,echo-reply
- Validate ICMP types before adding them.
* There was a situation where the details of an app rule was not being
displayed correctly:
- on the tab rules select any system fw rule.
- go to the Events tab
- double click on the Rule column to view the details.
- instead of the app rules details, the list of system fw rules was
displayed.
* On the other hand, when going back from the details view, the list of
rules was not being refreshed correctly.
In this situation now we select the Application rules view.
make it more nftables style:
ip daddr 127.0.0.1 tcp dport 53 accept
instead of:
ip daddr == 127.0.0.1 tcp dport == 53 accept
It'll be easier to translate our rules to nftables rules in this way.
- Fixed setting the protocol of a dport/sport statement.
- Fixed translating ports to service name, and back (/etc/service).
- Enable Save button when modifying the description of a rule.
Now you can add rules to allow multiple protocols.
For example you can add a rule to allow dport/sport for both TCP
and UDP.
There're two options to allow a port:
Statement {
Name: tcp
Values:
Key: dport
Value: 1234
}
Statement {
Name: meta
Values:
Key: l4proto
Value: tcp,udp
Key: dport
Value: 1234
}
Closes#951.
The helper dialog to allow inbound connections to a port was adding a
rule to source port, instead of destination port.
The source port is needed to allow the traffic of a *local service"
when the inbound policy is set to Deny.
- When changing a policy, disable it until we receive a response.
Maybe we should even delay it a little bit more.
- When editing a fw rule, disable the Save button if the user didn't
change any field.
Some DEs and WMs don't support systray icons. In this situation we
display the GUI after 10s.
However many users were confused about this behaviour, thinking that
this delay displaying the GUI was a bug (#937).
Hopefully with a warning to the terminal and the desktop will help
them to know what's going on.
