OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

opensnitch

OpenSnitch is a GNU/Linux port of the Little Snitch application firewall.

Daemon

The daemon is implemented in Go and needs to run as root in order to interact with the Netfilter packet queue, edit iptables rules and so on. To compile it, install the libpcap-dev and libnetfilter-queue-dev libraries on your system, then run:

cd daemon
go build .

Qt5 UI

The user interface is a Python script running as a gRPC server on a unix socket. To install its dependencies:

cd ui
pip install -r requirements.txt

Running

First, decide in which folder the opensnitch rules will be saved. The suggested choice is:

mkdir -p ~/.opensnitch/rules

Now run the daemon:

sudo /path/to/daemon -ui-socket-path /tmp/osui.sock -rules-path ~/.opensnitch/rules

And the UI service as your user:

python /path/to/ui/main.py --socket /tmp/osui.sock
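
Since the daemon runs as root while the rules folder and the UI socket are created by your own user (the socket under /tmp), it is worth confirming that both paths are what you expect before starting the daemon. The script below is an added example, not part of OpenSnitch; its function names are hypothetical, and the policy it enforces (owned by the given user, not writable by group or others, not a symlink) is this example's assumption.

```shell
#!/bin/sh
# Added example (not OpenSnitch code): pre-flight checks for the paths
# passed to -rules-path and -ui-socket-path / --socket.

# owned_and_private PATH UID
# Succeeds when PATH is owned by UID and has no group/other write bit.
# find(1) prints PATH only if every test matches; it does not follow symlinks.
owned_and_private() {
    [ -n "$(find "$1" -prune -user "$2" ! -perm -020 ! -perm -002 2>/dev/null)" ]
}

# check_rules_dir DIR UID
check_rules_dir() {
    [ -d "$1" ] && [ ! -L "$1" ] || {
        echo "rules path is not a real directory: $1" >&2; return 1; }
    owned_and_private "$1" "$2" || {
        echo "rules path has wrong owner or is group/world-writable: $1" >&2
        return 1; }
}

# check_ui_socket SOCK UID
check_ui_socket() {
    [ -S "$1" ] && [ ! -L "$1" ] || {
        echo "not a unix socket (is the UI running?): $1" >&2; return 1; }
    owned_and_private "$1" "$2" || {
        echo "socket has wrong owner or is group/world-writable: $1" >&2
        return 1; }
}

# Run both checks only when the two paths are given on the command line.
if [ "$#" -eq 2 ]; then
    check_rules_dir "$1" "$(id -u)" &&
        check_ui_socket "$2" "$(id -u)" &&
        echo "ok: $1 and $2 belong to uid $(id -u)"
fi
```

Run it as your own user (not through sudo) after the UI has started and before launching the daemon, passing the rules folder and the socket path as the two arguments.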

FAQ

Why Qt and not GTK?

I tried, but for very fast updates it failed badly on my configuration (failed badly = SIGSEGV); moreover, I find the Qt5 layout system superior and easier to use.

Why gRPC and not DBUS?

At some point the UI service will also be able to use a TCP listener. At that point the UI itself can be executed on any operating system while receiving messages from a single local daemon instance or from multiple instances on remote computers in the network. DBUS would therefore have made the protocol and logic uselessly GNU/Linux specific.