Spyke

[SOLVED] Looking for restrictive Linux desktop firewall

Is there a firewall solution for Linux that will notify me of any connections that other processes try to establish, and let me allow/deny each connection manually?

I would like to get more conscious about which tools are connecting to the internet, and how often.

programming.dev

If you're looking for outgoing requests, check out OpenSnitch. It should do exactly what you're looking for.

28

You are looking for an outbound firewall

Like the others recommended

OpenSnitch has multiple detection ways. eBPF might require activation in the kernel; there are others too, 4 in total.

For me on NixOS it worked in eBPF and proc mode. NixOS' weird binary placement makes rules less secure I guess as it can only check commands (if it were nix-native it could use a function for that)

And I had tons of "unknown process"es which I needed to allow to not break things, which kinda makes the thing useless

5
lemmy.world

You could drop all and use the log function to see all traffic denied

1
lemmy.world

Thanks, I'm aware, but I'm looking for an interactive application that lets me create rules on the fly. I don't want to have a one-time session where I check which tools connect to what, but rather something that interrupts me throughout the day...

If such a thing doesn't exist, tips on how to build it are welcome too though.

2

Script that monitors the logs and uses notify-send to throw a popup? Not yet fully interactive but could be a start

1
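One way to build the log-watching script suggested above, as an added example that is not part of the thread: it parses netfilter LOG lines for dropped outbound packets, collapses retransmits into one event per destination, and raises a `notify-send` popup. It assumes the drop rule logs with the prefix `OUT-DROP: ` and records the socket UID (iptables `--log-uid` or nftables `log flags skuid`); the sample lines are constructed.

```python
import re
import shutil
import subprocess
import sys

PREFIX = "OUT-DROP: "  # assumption: prefix configured on the firewall's log rule
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=value pairs; bare flags (DF, SYN) are skipped

def parse_drop(line):
    """Return the fields of interest from a netfilter LOG line, or None if it is not one."""
    _, found, rest = line.partition(PREFIX)
    if not found:
        return None
    f = dict(FIELD.findall(rest))
    if "DST" not in f or "PROTO" not in f:
        return None
    # ICMP has no ports, and UID is absent unless the rule logs it
    return {"dst": f["DST"], "proto": f["PROTO"],
            "dport": f.get("DPT", "-"), "uid": f.get("UID", "?")}

def new_events(lines, seen):
    """Yield one event per unseen (dst, proto, dport, uid), so SYN retries do not spam popups."""
    for line in lines:
        ev = parse_drop(line)
        if ev is None:
            continue
        key = (ev["dst"], ev["proto"], ev["dport"], ev["uid"])
        if key not in seen:
            seen.add(key)
            yield ev

def notify(ev):
    msg = f"{ev['proto']} to {ev['dst']}:{ev['dport']} (uid {ev['uid']})"
    if shutil.which("notify-send"):
        # Argument list, no shell: log-derived text is never interpreted as a command
        subprocess.run(["notify-send", "Blocked outbound connection", msg], check=False)
    else:
        print(msg)

SAMPLE = [  # constructed kernel log lines using documentation address ranges
    "Jan 01 10:00:00 host kernel: OUT-DROP: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TTL=64 ID=1 DF PROTO=TCP SPT=40000 DPT=443 SYN URGP=0 UID=1000 GID=1000",
    "Jan 01 10:00:01 host kernel: OUT-DROP: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TTL=64 ID=2 DF PROTO=TCP SPT=40000 DPT=443 SYN URGP=0 UID=1000 GID=1000",
    "Jan 01 10:00:02 host kernel: OUT-DROP: IN= OUT=eth0 SRC=192.0.2.10 DST=203.0.113.5 LEN=84 TTL=64 ID=3 PROTO=ICMP TYPE=8 CODE=0 SEQ=1 UID=1000 GID=1000",
    "Jan 01 10:00:03 host kernel: usb 1-1: new high-speed USB device number 4",
]

if __name__ == "__main__":
    # Live use: journalctl -kf -o cat | python3 this_script.py
    source = SAMPLE if sys.stdin.isatty() else sys.stdin
    for event in new_events(source, set()):
        notify(event)
```

This only reports what was already dropped and attributes it to a UID, not a process; holding a connection until the user decides needs per-process interception of the kind OpenSnitch does.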
