mirrors/opensnitch
1
0
Fork 0
mirror of https://github.com/evilsocket/opensnitch.git synced 2025-03-04 00:24:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
opensnitch/daemon
History
Gustavo Iñiguez Goia 6622df9d38
allow to configure nfqueue bypass flag 
Nfqueue bypass option skips the enqueue of packets to userspace
if no application is listening to the queue.
https://wiki.nftables.org/wiki-nftables/index.php/Queueing_to_userspace

If this flag is not specified, and for example the daemon dies
unexpectedly, all the outbound traffic will be blocked.

Up until now we've been using this flag by default not to block network
traffic if the daemon dies or is killed for some reason. But some users
want to use precisely this behaviour (#884, #1183, #1201).

Now you can configure it, to block connections if the daemon
unexpectedly dies.

The option is on by default in the configuration (QueueBypass: true).
If this item is not present in the daemon config file, then it'll be
false.
2024-10-19 10:51:40 +02:00
..
conman getparents code reorganization 2023-10-04 00:58:17 +02:00
core Remove duplicate regex in system.go for -check-requirements 2024-05-26 23:22:53 +00:00
data/rules Added sample rule to allow localhost connections 2023-07-23 22:30:49 +02:00
dns clean dns ebpf hooks on exit 2024-01-28 01:10:00 +01:00
firewall allow to configure nfqueue bypass flag 2024-10-19 10:51:40 +02:00
log loggers, remote_syslog: check if we're connected 2024-05-15 00:06:26 +02:00
netfilter structs fields reorganized 2024-01-14 20:44:49 +01:00
netlink make connections flushing configurable 2024-05-13 00:27:41 +02:00
netstat strings concatenation improvements 2024-01-16 00:14:44 +01:00
procmon ReadEnv() minor improvement 2024-10-18 01:08:43 +02:00
rule fixed loading rules when Created field is a timestamp 2024-06-10 23:54:54 +02:00
statistics more work on reloading configuration 2024-05-11 18:23:20 +02:00
tasks added tasks tests 2024-10-11 00:01:00 +02:00
ui allow to configure nfqueue bypass flag 2024-10-19 10:51:40 +02:00
.gitignore daemon -> opensnitchd (ref #118) 2018-04-10 18:38:04 +02:00
default-config.json allow to configure nfqueue bypass flag 2024-10-19 10:51:40 +02:00
go.mod introducing daemon tasks 2024-09-25 01:00:38 +02:00
go.sum introducing daemon tasks 2024-09-25 01:00:38 +02:00
Gopkg.toml fix: calling ftrace probe Reset in order to start from a clean state (fixes #159) 2018-04-18 02:00:12 +02:00
main.go allow to configure nfqueue bypass flag 2024-10-19 10:51:40 +02:00
Makefile daemon/Makefile: improvements to make distro packaging easier (#780) 2022-12-21 10:35:52 +01:00
opensnitchd-dinit Add files via upload 2023-06-17 23:56:58 +02:00
opensnitchd-openrc feat(daemon): add OpenRC script 2023-04-02 02:33:40 +02:00
opensnitchd.service Replace docs link in opensnitchd.service 2023-02-09 20:56:29 +00:00
system-fw.json added icmp destination-unreachable to system-fw.json 2023-07-26 11:40:17 +02:00