OpenSnitch 1.6.7

OpenSnitch is a GNU/Linux application firewall. Key features Interactive outbound connections filtering. Block ads, trackers or malware domains system wide. Ability to configure system firewall from the GUI (nftables). Configure input policy, allow inbound services, etc. Manage multiple nodes from a centralized GUI. SIEM integration

Tags firewall c
License GNU GPLv3
State stable

Recent Releases

1.6.729 Dec 2024 09:05 minor feature: lt;p gt;GUI release. lt;/p gt;. lt;h2 gt; lt;/h2 gt;. lt;ul gt;. lt;li gt;do not verify lists path on remote nodes - lt;a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/evilsocket/opensnitch/commit/446cb1ad099f224650fbb4ee7c3aa68d15b0bd6d/hovercard" href="https://github.com/evilsocket/opensnitch/commit/446cb1ad099f224650fbb4ee7c3aa68d15b0bd6d" gt; lt;tt gt;446cb1a lt;/tt gt; lt;/a gt; lt;/li gt;. lt;li gt;delay closing the GUI - lt;a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/evilsocket/opensnitch/commit/36f9242e11b5feca81c3a3125d0d415160ad67d6/hovercard" href="https://github.com/evilsocket/opensnitch/commit/36f9242e11b5feca81c3a3125d0d415160ad67d6" gt; lt;tt gt;36f9242 lt;/tt gt; lt;/a gt; lt;/li gt;. lt;li gt;exception getting node address when adding a new rule - lt;a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/evilsocket/opensnitch/commit/99cd9f1d456280dd0adc0651d3794569c2827926/hovercard" href="https://github.com/evilsocket/opensnitch/commit/99cd9f1d456280dd0adc0651d3794569c2827926" gt; lt;tt gt;99cd9f1 lt;/tt gt; lt;/a gt;) lt;/li gt;. lt;li gt;restoring policies when disabling the firewall - lt;a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/evilsocket/opensnitch/commit/12baf1a7d393cc57d33d8705acd77d0c473a95cd/hovercard" href="https://github.com/evilsocket/opensnitch/commit/12baf1a7d393cc57d33d8705acd77d0c473a95cd" gt; lt;tt gt;12baf1a lt;/tt gt; lt;/a gt; lt;/li gt;. lt;li gt;enabling/disabling global firewall button - lt;a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/evilsocket/opensnitch/commit/ee089af79b01957e398ae4a6106b3855129ef313/hovercard" href="https://github.com/evilsocket/opensnitch/commit/ee089af79b01957e398ae4a6106b3855129ef313" gt; lt;tt gt;ee089af lt;/tt gt; lt;/a gt; lt;/li gt;. lt;li gt;searching in tabs Users, Nodes - lt;a
1.6.602 Jul 2024 19:25 minor feature: lt;h2 gt; lt;/h2 gt;. lt;ul gt;. lt;li gt;exporting/importing rules lt;/li gt;. lt;li gt; daemon Remove duplicate regex in system.go for -check-requirements lt;/li gt;. lt;li gt; GUI keep working if pyinotify fails loading lt;/li gt;. lt;/ul gt;. lt;h2 gt;What has changed lt;/h2 gt;. lt;h4 gt;Improvements lt;/h4 gt;. lt;ul gt;. lt;li gt;allow to easily configure rules without the GUI lt;/li gt;. lt;li gt; daemon eBPF performance improvement handling exit events ( lt;a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/evilsocket/opensnitch/commit/15fcf6753516a1e22add87cb2b4f5de4a14540ec/hovercard" href="https://github.com/evilsocket/opensnitch/commit/15fcf6753516a1e22add87cb2b4f5de4a14540ec" gt; lt;tt gt;15fcf67 lt;/tt gt; lt;/a gt;) lt;/li gt;. lt;li gt; daemon eBPF disable events on too many errors lt;/li gt;. lt;li gt; daemon added more kernel config paths for checking system requirements lt;/li gt;. lt;li gt; GUI improved authentication options ( lt;a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/evilsocket/opensnitch/commit/ff407e72af7e023b290b9963e9c734d91d640f0b/hovercard" href="https://github.com/evilsocket/opensnitch/commit/ff407e72af7e023b290b9963e9c734d91d640f0b" gt; lt;tt gt;ff407e7 lt;/tt gt; lt;/a gt;, lt;a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/evilsocket/opensnitch/commit/c5409755bc3cafe386488ebe499ff96b9b3bac08/hovercard" href="https://github.com/evilsocket/opensnitch/commit/c5409755bc3cafe386488ebe499ff96b9b3bac08" gt; lt;tt gt;c540975 lt;/tt gt; lt;/a gt;) lt;/li gt;. lt;li gt; GUI improve wording lt;/li gt;. lt;li gt; GUI ignore SameFile error when enabling autostart ( lt;a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/evilsocket/opensnitch/commit/03439f4f9cffc42a0b7c30fc4743ff3ea773400d/hovercard" href="https://github.com/evilsocket/opensnitch/commit/03439f4f9cffc42
1.6.5.112 Feb 2024 09:25 minor feature: lt;ul gt;. lt;li gt;when using the GUI with multiple remote nodes. lt;a class="-link js--link" data-error-text="Failed to load title" data-id="2126814442" data-permission-text="Title is private" data-url="https://github.com/evilsocket/opensnitch//1093" data-hovercard-type="" data-hovercard-url="/evilsocket/opensnitch//1093/hovercard" href="https://github.com/evilsocket/opensnitch//1093" gt;#1093 lt;/a gt; lt;/li gt;. lt;/ul gt;. lt;p gt; lt;strong gt;Full Changelog lt;/strong gt;: lt;a class="commit-link" href="https://github.com/evilsocket/opensnitch/compare/v1.6.5...v1.6.5.1" gt; lt;tt gt;v1.6.5...v1.6.5.1 lt;/tt gt; lt;/a gt; lt;/p gt;.
1.6.509 Feb 2024 02:44 minor bugfix: Bug fixes daemon Fixed segfault on exit #919 , 24fd94c daemon Fixed DNS uprobes 5d33f41 GUI Fixed adding rules to the db from context menu #1027 , ec3f515 What has changed Improvements daemon Strings concatenation improvements (reduces mem usage, notably) b9ec524 daemon Stop established connections monitor after n errors (not to waste resources) 871238e daemon Clean DNS eBPF hooks on exit , da99686 New features daemon Allow to configure the path of rules directory (#449, 6bd1fe8), config file (from cli) and eBPF modules (#928 5c6da0a) GUI allow to configure refresh interval (#1073 , 435dffc) Known bugs DNS eBPF module does not work on armhf and i386 arquitectures. See the commits for more info and if you can help don't hesitate to open a PR or drop a comment :) c514946 , 9a6dfe7 opensnitch-procs eBPF module behaves a bit erratic on arm64 architecture (not new of this release) - d2d89e2 Full Changelog: v1.6.4...v1.6.5
1.6.428 Nov 2023 12:30 minor bugfix: https://github.com/evilsocket/opensnitch/releases/tag/v1.6.4
1.6.327 Aug 2023 01:22 minor bugfix: Only GUI packages updated. Bug fix Fixed error when setting DefaultAction to the daemon after connect to the GUI (#1017). What's Changed Introduce Sqlite WAL journal mode by @lainedfles in #1011
1.6.227 Aug 2023 01:21 minor feature:
1.6.128 Jul 2023 23:34 minor feature: Added support to secure communications between the daemon and the GUI with SSL certificates (12b4cf3) More info: https://github.com/evilsocket/opensnitch/wiki/Nodes-authentication#nodes-authentication-added-in-v161 TODO (WIP): Configure daemon auth options from the GUI. System fw: report any error when applying rules (8740755) Rules to intercept outbound connections changed (e090833, 26b8415) Discussion with the details: #995 What's Changed Allow to configure GUI autostart option by @munix9 in #964 Allow starting the GUI in background when the systray not available by @WojtekWidomski in #975 Dinit service file by @jackffmm in #969 Use temporary files instead of piping in ebpf Makefile by @nnsee in #985 i18n: update Brazilian Portuguese translation by @tioguda in #974 Add basic Traditional Chinese locale by @PeterDaveHello in #997 Better errors when the eBPF modules fail loading (662cd2e)