mirrors/opensnitch: OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

mirror of https://github.com/evilsocket/opensnitch.git synced 2025-03-04 00:24:40 +01:00

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

application-firewall data-breach firewall linux networking security

Find a file

Gustavo Iñiguez Goia f032575af0 allow to configure multiple queues Added option to configure multiple nfqueues. Post with detailed information about the performance: https://github.com/evilsocket/opensnitch/discussions/1104 After using -queues 1:6 , you need to configure the rules manually: (for TCP) nft insert rule inet mangle output tcp flags syn / fin,syn,rst,ack queue to numgen inc mod 6 TODO: - Configure queues in the fw automatically based on the queues defined. - Investigate if we need to use runtime.LockOSThread() in NewQueue(). - Allow to use multiple instances of the daemon: * One daemon acts as the main daemon, connected to the server (UI) and managing the rules and notifications. * The other daemons only intercept and apply verdicts on packets, with the rules loaded from a central directory (/etc/opensnitchd/rules) FIXME: - There's a deadlock repeating the packets when a connection is waiting for approval. - Investigate the high mem consumption under heavy load.		2024-04-05 18:09:23 +02:00
.github	ci: use go1.20 compiler	2023-10-23 20:32:29 +02:00
daemon	allow to configure multiple queues	2024-04-05 18:09:23 +02:00
ebpf_prog	Updated ebpf compilation instructions	2024-02-06 00:30:44 +01:00
proto	rules: improved operator list parsing and conversion	2023-10-09 14:55:15 +02:00
screenshots	added more screenshots	2020-02-25 22:39:32 +01:00
ui	ui: fixed deleting rules with list limits	2024-02-11 11:41:49 +01:00
utils	pkgs: improved rpm upgrades	2024-02-02 14:16:16 +01:00
.gitignore	misc	2023-07-23 22:29:47 +02:00
LICENSE	Update LICENSE	2020-06-20 17:48:59 +02:00
Makefile	makefile:	2021-02-13 18:48:49 +03:00
README.md	addded donations section	2023-06-12 16:19:10 +02:00
release.sh	misc: small fix or general refactoring i did not bother commenting	2018-04-10 19:49:58 +02:00

README.md

OpenSnitch is a GNU/Linux application firewall.

•• Key Features • Download • Installation • Usage examples • In the press ••

OpenSnitch

Key features

Interactive outbound connections filtering.
Block ads, trackers or malware domains system wide.
Ability to configure system firewall from the GUI (nftables).
- Configure input policy, allow inbound services, etc.
Manage multiple nodes from a centralized GUI.
SIEM integration

Download

Download deb/rpm packages for your system from https://github.com/evilsocket/opensnitch/releases

Installation

deb

$ sudo apt install ./opensnitch*.deb ./python3-opensnitch-ui*.deb

rpm

$ sudo yum localinstall opensnitch-1*.rpm; sudo yum localinstall opensnitch-ui*.rpm

Then run: $ opensnitch-ui or launch the GUI from the Applications menu.

Please, refer to the documentation for detailed information.

OpenSnitch in action

Examples of OpenSnitch intercepting unexpected connections:

https://github.com/evilsocket/opensnitch/discussions/categories/show-and-tell

Have you seen a connection you didn't expect? submit it!

In the press

Donations

If you find OpenSnitch useful and want to donate to the dedicated developers, you can do it from the Sponsor this project section on the right side of this repository.

You can see here who are the current maintainers of OpenSnitch: https://github.com/evilsocket/opensnitch/commits/master

Contributors

See the list

Translating