mirrors/opensnitch
1
0
Fork 0
mirror of https://github.com/evilsocket/opensnitch.git synced 2025-03-04 08:34:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

updated after opensnitch repo commit 88dafe027d

wiki auto updater 2021-06-07 15:57:22 +00:00
parent 5fbd6e30f8
commit 698f547737
1 changed files with 37 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
block-lists.md

@ -2,10 +2,11 @@ Starting from version [1.4.0rc1](https://github.com/evilsocket/opensnitch/releas
It can be used to block ads, or limit to what domains an application connects to.
**How to configure it:**
### How to add a global rule to block ads/malware/etc:
1. Create a new rule: `000-block-domains`
2. Check [x] Priority, Duration: always, [x] To this list of domains
2. Check `[x] Enable`, `[x] Priority`, `Duration: always`, `[x] To this list of domains`
![image](https://user-images.githubusercontent.com/2742953/115916860-addcf500-a475-11eb-86f4-af2c645aa2ba.png)
@ -19,14 +20,45 @@ $ wget https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended
![image](https://user-images.githubusercontent.com/2742953/115919049-981cff00-a478-11eb-9201-360463302399.png)
The format of the files must be in hosts format:
---
### Limiting to what domains an application can connect to:
We'll create 2 rules:
- one for allow connections from an app to a limited number of domains.
- another one for deny everything from that app.
1. Create 2 rules: `000-allow-app` , `001-deny-all-from-app`
2. `000-allow-app`:
![image](https://user-images.githubusercontent.com/2742953/121044328-c1d67f00-c7b5-11eb-84c6-14e3abfc94a6.png)
Inside `/media/app/` write a file with a list of domains the app can connect to in hosts format:
```
127.0.0.1 xxx.domain.com
```
Remember that you may need to add the domain without the subdomains (`domain.com`, `xxx.domain.com`, etc)
3. `001-deny-all-from-app`:
![image](https://user-images.githubusercontent.com/2742953/121048055-b9cb0f00-c7b6-11eb-9b0e-bb59091fb123.png)
---
### Notes
- The format of the files must be in hosts format:
```
0.0.0.0 www.domain.com
127.0.0.1 www.domain.com
```
Lines started with # are ignored.
- Lines started with # are ignored. Write comments always on a new line, not after a domain.
- The domains `local`, `localhost`, `localhost.localdomain` and `broadcasthost` are ignored.
- Whenever you save the file to disk, OpenSnitch will reload the list.
Some lists of ads, tracking, malware, etc you can use:
### Resources
Lists of ads, tracking, malware, etc that you can use:
https://www.github.developerdan.com/hosts/