mirrors/opensnitch: OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

mirror of https://github.com/evilsocket/opensnitch.git synced 2025-03-04 00:24:40 +01:00

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

application-firewall data-breach firewall linux networking security

Find a file

Gustavo Iñiguez Goia 2f1a9b8c9e on errors stop established conns monitor There's a long running task that monitors established connections every ~2s. When a connection is not found via ebpf or proc, sometimes it's found there so we can use the inode to search for the process. However on some systems the netlink call to dump the sockets may fail continuously, wasting resources. It'll also fail if you block connections to port 0 (common case for ICMP packets). So if there're too many errors dumpng the sockets, stop this task for these cases.		2024-01-20 23:37:51 +01:00
.github	ci: use go1.20 compiler	2023-10-23 20:32:29 +02:00
daemon	on errors stop established conns monitor	2024-01-20 23:37:51 +01:00
ebpf_prog	ebpf: delete pid from exec maps if it exists	2024-01-08 01:33:54 +01:00
proto	rules: improved operator list parsing and conversion	2023-10-09 14:55:15 +02:00
screenshots	added more screenshots	2020-02-25 22:39:32 +01:00
ui	ui: display alert details by double-clicking on it	2024-01-04 12:15:39 +01:00
utils	rpm pkgs: changed autostart path	2023-11-29 22:54:02 +01:00
.gitignore	misc	2023-07-23 22:29:47 +02:00
LICENSE	Update LICENSE	2020-06-20 17:48:59 +02:00
Makefile	makefile:	2021-02-13 18:48:49 +03:00
README.md	addded donations section	2023-06-12 16:19:10 +02:00
release.sh	misc: small fix or general refactoring i did not bother commenting	2018-04-10 19:49:58 +02:00

README.md

OpenSnitch is a GNU/Linux application firewall.

•• Key Features • Download • Installation • Usage examples • In the press ••

OpenSnitch

Key features

Interactive outbound connections filtering.
Block ads, trackers or malware domains system wide.
Ability to configure system firewall from the GUI (nftables).
- Configure input policy, allow inbound services, etc.
Manage multiple nodes from a centralized GUI.
SIEM integration

Download

Download deb/rpm packages for your system from https://github.com/evilsocket/opensnitch/releases

Installation

deb

$ sudo apt install ./opensnitch*.deb ./python3-opensnitch-ui*.deb

rpm

$ sudo yum localinstall opensnitch-1*.rpm; sudo yum localinstall opensnitch-ui*.rpm

Then run: $ opensnitch-ui or launch the GUI from the Applications menu.

Please, refer to the documentation for detailed information.

OpenSnitch in action

Examples of OpenSnitch intercepting unexpected connections:

https://github.com/evilsocket/opensnitch/discussions/categories/show-and-tell

Have you seen a connection you didn't expect? submit it!

In the press

Donations

If you find OpenSnitch useful and want to donate to the dedicated developers, you can do it from the Sponsor this project section on the right side of this repository.

You can see here who are the current maintainers of OpenSnitch: https://github.com/evilsocket/opensnitch/commits/master

Contributors

See the list

Translating