mirror of
https://github.com/evilsocket/opensnitch.git
synced 2025-03-04 08:34:40 +01:00
OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
6048b0ef64
- don't clean cache by number of items. - clean inodes from cache every 2' if the descriptor symlink doesn't exist anymore, or if the lastSeen time is more than 5 minutes. - launch cache cleaners before start a new process monitoring method, and start it only once for the life time of the daemon. - do not store in cache the Time objects, only the nanoseconds of the last updated time. - if the inode of a connection is found in cache, reorder the descriptors to push the descritptor to the top of the list. Also add cached the inode. It turns out that when a new connection is about to be established, when the process resolves the domain, the same inode is used to open the tcp connection to the target. So if it's cached we save CPU cycles. This also occurs when we block a connection and the process retries it, or when a connection timeouts and the process retries it (telnet 1.1.1.1). |
||
|---|---|---|
| .github | ||
| daemon | ||
| debian | ||
| proto | ||
| screenshots | ||
| ui | ||
| .gitignore | ||
| LICENSE | ||
| make_ads_rules.py | ||
| Makefile | ||
| README.md | ||
| release.sh | ||
OpenSnitch is a GNU/Linux application firewall.
Installation and configuration
Please, refer to the documentation for detailed information.