OpenSnitch is a GNU/Linux application firewall.
Home:
https://github.com/evilsocket/opensnitch
Wiki:
https://github.com/evilsocket/opensnitch/wiki
Packages:
https://github.com/evilsocket/opensnitch/releases

Review (today's DistroWatch Weekly):
"OpenSnitch is a rare tool in the Linux ecosystem. It is a service with a
friendly graphical desktop application which assists the user in blocking
network connections based on which daemon or application is making the
connection attempt.(...)
I decided to run OpenSnitch on Linux Mint.(...)
OpenSnitch is one of the first tools I have encountered which provides both the
rules and real-time monitoring that Windows tools (such as Zone Alarm) provide.
The fact that OpenSnitch manages to be friendly, pretty easy to navigate, and
flexible in how we manage both rules and new connections is fantastic.(...)
I think it is well worth installing OpenSnitch to find out what processes are
talking over your network and who they are talking with. For example, while I
was running Linux Mint, some programs sent out signals to Canonical servers
which appears to be used for connectivity checks and/or getting a count of how
many users are on-line. You might be interested in seeing how many programs are
phoning home or pinging remote servers in an effort to count users or check for
news updates."
https://distrowatch.com/weekly.php?issue=20211206#opensnitch

I've been looking for something like this since I made the switch from MS
Windows to Linux Mint, many years ago, and will definitely have a closer look at
it.

Yrrah

On Mon, 06 Dec 2021 14:08:36 +0100
Yrrah <Yrrah-aolm@aolm.invalid> wrote:

> OpenSnitch is a GNU/Linux application firewall.
> Home:
> https://github.com/evilsocket/opensnitch
> Wiki:
> https://github.com/evilsocket/opensnitch/wiki
> Packages:
> https://github.com/evilsocket/opensnitch/releases
>
> Review (today's DistroWatch Weekly):
> "OpenSnitch is a rare tool in the Linux ecosystem. It is a service
> with a friendly graphical desktop application which assists the user
> in blocking network connections based on which daemon or application
> is making the connection attempt.(...)
> I decided to run OpenSnitch on Linux Mint.(...)
> OpenSnitch is one of the first tools I have encountered which
> provides both the rules and real-time monitoring that Windows tools
> (such as Zone Alarm) provide. The fact that OpenSnitch manages to be
> friendly, pretty easy to navigate, and flexible in how we manage both
> rules and new connections is fantastic.(...) I think it is well worth
> installing OpenSnitch to find out what processes are talking over
> your network and who they are talking with. For example, while I was
> running Linux Mint, some programs sent out signals to Canonical
> servers which appears to be used for connectivity checks and/or
> getting a count of how many users are on-line. You might be
> interested in seeing how many programs are phoning home or pinging
> remote servers in an effort to count users or check for news
> updates." https://distrowatch.com/weekly.php?issue=20211206#opensnitch
>
> I've been looking for something like this since I made the switch
> from MS Windows to Linux Mint, many years ago, and will definitely
> have a closer look at it.
>
> Yrrah
>
>

Thanks. I was looking for something like this a few years ago.

It not in the Linux Mint repository, but it is in the Mx Linux
repository.

Opensnitch

OpenSnitch is a GNU/Linux firewall application.
Whenever a program makes a connection, it'll prompt the user to allow or deny
it.

The user can decide if block the outgoing connection based on properties of
the connection: by port, by uid, by dst ip, by program or a combination
of them.

These rules can last forever, until the app restart or just one time.

The GUI allows the user to view live outgoing connections, as well as search
by process, user, host or port.

Opensnitch UI

opensnitch-ui is a GUI for opensnitch written in Python.
It allows the user to view live outgoing connections, as well as search
for details of the intercepted connections.

The user can decide if block outgoing connections based on properties of
the connection: by port, by uid, by dst ip, by program or a combination
of them.

These rules can last forever, until restart the daemon or just one time.

Johnny <johnny@invalid.net>:
> It not in the Linux Mint repository,

LM users can download and install a .deb package.
It's here:
https://github.com/evilsocket/opensnitch/releases

Yrrah

On 12/06/2021 05:08 AM, Yrrah wrote:
> Review (today's DistroWatch Weekly):
> "OpenSnitch is a rare tool in the Linux ecosystem. It is a service with a
> friendly graphical desktop application which assists the user in blocking
> network connections based on which daemon or application is making the
> connection attempt.(...)

> I've been looking for something like this since I made the switch from MS
> Windows to Linux Mint, many years ago

Apparently you didn't make the switch before 2005.

It's no longer supported, but Firestarter was pretty great for this use
case. Wonder if it's using bits of the same code.

https://en.wikipedia.org/wiki/Firestarter_(firewall)
https://help.ubuntu.com/community/Firestarter

On 2021-12-06, Yrrah <Yrrah-aolm@aolm.invalid> wrote:
> Johnny <johnny@invalid.net>:
>
>> It not in the Linux Mint repository,
>
> LM users can download and install a .deb package.
> It's here:
> https://github.com/evilsocket/opensnitch/releases
>
There are two parts, the deamon and the GUI. Of course you knew that ;-)