In some scenarios (#47) may be useful to have a set of rules handled from
OpenSnitch, although you can accomplish it with other software (ufw,...).
This rules will sit just above default intercetion, so if you want to
allow or deny something, just place it here.
These priority rules are defined in /etc/opensnitchd/fw.json, with the
following format (example):
{
"PriorityRules": {
"out": {
"allow": [
],
"deny": [
"-m conntrack --ctstate INVALID",
"-p tcp ! --syn -m conntrack --ctstate NEW"
]
}
}
}
The structure must exist even if you haven't defined any rule, for
example:
{
"PriorityRules": {
"out": {
"allow": [
],
"deny": [
]
}
}
}
The host to where a process is connecting to was missing in the options
list, when the connection to allow was a query to resolve the domain
name. Reported here: #48
Also added the connection port to the rule name.
When the daemon is stopped, we need to close opened netfilter recurses.
Otherwise we can fall into a situation where we leave NFQUEUE queues
opened, which causes opensnitch to not run anymore until system restart
or a manual intervention, because there's a NFQUEUE queue already created
with the same ID.
This is what was happening as a collateral effect of #41.
Current version is stable enough (based on users' feedback) to get it out
of the release candidate state. OpenSnitch works and is usable.
There's a lot of work yet to do, so let's start from a fresh and shiny
release number.
When restoring columns size state, the clicked events of the headers
(qtableview) were being fired, so the sort order was being not
respected.
Ensure also that changes to the general tab only affects to that tab.
Since we show and hide the stats window just by clicking on the systray
icon, the window is not closed, or at least the closEvent() is not being
fired, so the settings were not being saved.
In old libnetfilter_queue libs, we can't know the UID of the packet
because the function nfq_get_uid is not present.
We check it dynamically on run time, but we were doing it wrong, so the
daemon didn't run with old libs.
Thaks to Pain-Patate for reporting it in #18.
Reported here: #23
Now if a user resize a column manually on the first tab, or
adjust it to the column contents by double clicking on the middle
of the columns, the next time the UI is shown the columns size will
be restored.
Fixed default settings when it's the first time it's shown.
Fixed default action settings key
Fixed default target configured from the preferences dialog.
Set default pop-up dialog size on shown event.
