Use debconf to ask questions.
This allow us to:
- install deb packages using apt frontends (noninteractive, readline,
etc).
- display the questions on graphical installers like Gdebi.
closes#75
The server address and log file were hardcoded into the
opensnitchd.service file, making it almost impossible to change.
Soon we'll be able to change it from the UI.
we were not switching between process monitor methods properly, so we're
falling back to proc method in some cases.
Besides, there's seems to be a descriptors leaking problem in ftrace package
when closing resources.
nodes:
- added WA for backward compatibility with older protobuf libs.
stats:
- added sensitive and priority rules columns
- fixed selecting a node from the General tab.
- if DstHost is empty, display the IP instead.
- Hosts tab nw only lists hosts.
rules editor:
- added options to define if a rule has precedence and if it's
case-sensitive (for all fields for now). Default is case-insensitive.
closes#36
If a rule has the priority flag set, no others rules will be checked.
So if you name the rule as 000-allow-xx and set the priority flag, the
rule wil lbe the only one that will be checked if it matches a
connection.
See #36 to know more on this feature.
Sort rules by name, so they're checked in alphabetical order.
This way, you can place deny rules at the top of the list to get better
performance, since it won't check the rest of the rules.
Discussion: #36
In some scenarios some button icons are not available.
In these cases we'll first try to use the fallback theme, f it's
configured. If the buttons are still not available, list the themes
installed, and determine which one has the buttons we need, then use it.
If all this fails, then display a warning message to the user.
closes#53
In case we're connecting to an IP directly, or if an IP is not resolved,
leave the DstHost field empty and format it appropiately on the UIs.
Otherwise we can't know (easily) if the field DstHost of a connection is
an IP or a domain.
When a new connection is about to be established and the system performs
a dns resolution, we displayed it like this: 9.9.9.9 (www.opensnitch.io)
It added visibility of what was going on, but if you created a rule to
filter by destination host, you were prompted twice to allow firstly the
DNS query, and secondly the TCP connection, which was a bit annoying.
Some users (#5) also asked to display just the domain, so now we only
display the domain name.
Destination host, process path and process arguments are now case
insensitive by default.
There's a new rule operator field (sensitive), to change this behaviour:
```
{
"type": "simple",
"operand": "dest.host",
"sensitive": false,
"data": "opensnitch.io",
"list": null
}
```
Rules without this field will evaluate as false by default.
closes#45
