Hi Stevo.
I know that would be difficulty, but will be great to have in MX Linux Repo, one of the follow Appilcation Based Firewalls.
Douane
Leopard Flower
OpenSnitch
or another one similar to them
Gufw is great but it is difficulty to block an personal appkication with it.
Application Base Firewall - Repo Required
Re: Application Base Firewall - Repo Required
There aren't any for Linux, they are either no longer developed, buggy, or both... including the ones you've listed.
Opensnitch looked promising, but I've not seen any development on it since July last year.
Opensnitch looked promising, but I've not seen any development on it since July last year.
Chris
MX 18 MX 19 - Manjaro
MX 18 MX 19 - Manjaro
Re: Application Base Firewall - Repo Required
I would also appreciate to have Appilcation Based Firewall.
It looks like "Douane" is still developed.
https://gitlab.com/douaneapp/Douane
Not very busy, but there are always changes from time to time.
And there seems to be a much more up-to-date version of opensnitch:
https://github.com/gustavo-iniguez-goya/opensnitch
What do you think? Thank you.
It looks like "Douane" is still developed.
https://gitlab.com/douaneapp/Douane
Not very busy, but there are always changes from time to time.
And there seems to be a much more up-to-date version of opensnitch:
https://github.com/gustavo-iniguez-goya/opensnitch
What do you think? Thank you.
-
- Posts: 3602
- Joined: Tue Jun 14, 2016 2:02 pm
Re: Application Base Firewall - Repo Required
I have been watching opensnitch for awhile, but I don’t see the point in providing it to users when the developers states thisDuliwi wrote: ↑Fri Oct 02, 2020 4:48 pm And there seems to be a much more up-to-date version of opensnitch:
https://github.com/gustavo-iniguez-goya/opensnitch
What do you think? Thank you.
Looks like it should build though. But what is the point of a firewall if you can’t rely on it?Disclaimer
THIS SOFTWARE IS A WORK IN PROGRESS, DO NOT EXPECT IT TO BE BUG FREE AND DO NOT RELY ON IT FOR ANY TYPE OF SECURITY.
NEW USERS START HERE FAQS, MX Manual, and How to Break Your System - Don't use Ubuntu PPAs! Always post your Quick System Info (QSI) when asking for help.
Re: Application Base Firewall - Repo Required
Thank you for your statement.
I don't know. But maybe the developers are just over-cautious and will never remove this text.
Is a security software safer, if the developers don't write such a notice?
Maybe this is just a disclaimer to exclude any liability. And it applies in principle to all security software at every stage of development.
But maybe the successor project "https://github.com/gustavo-iniguez-goya/opensnitch" simply has the disclaimer from the pre-project "https://github.com/evilsocket/opensnitch" taken over.
I don't know. But maybe the developers are just over-cautious and will never remove this text.
Is a security software safer, if the developers don't write such a notice?
Maybe this is just a disclaimer to exclude any liability. And it applies in principle to all security software at every stage of development.
But maybe the successor project "https://github.com/gustavo-iniguez-goya/opensnitch" simply has the disclaimer from the pre-project "https://github.com/evilsocket/opensnitch" taken over.
-
- Posts: 3602
- Joined: Tue Jun 14, 2016 2:02 pm
Re: Application Base Firewall - Repo Required
If it was 100% stable, secure, and ready for use the developer would remove that comment.
We can package it, but we can’t support issues if the developer isn’t. It hasn’t been updated since July BTW, not sure why.
Edit: note I said 100%, doesn’t mean you can’t use it, but it’s like having an airbag in your car when the manufacturer says “well, I wouldn’t trust it”.
We can package it, but we can’t support issues if the developer isn’t. It hasn’t been updated since July BTW, not sure why.
Edit: note I said 100%, doesn’t mean you can’t use it, but it’s like having an airbag in your car when the manufacturer says “well, I wouldn’t trust it”.
NEW USERS START HERE FAQS, MX Manual, and How to Break Your System - Don't use Ubuntu PPAs! Always post your Quick System Info (QSI) when asking for help.
-
- Posts: 3602
- Joined: Tue Jun 14, 2016 2:02 pm
Re: Application Base Firewall - Repo Required
opensnitch needs some work to get packaged, the developer nests the opensnitch-ui in opensnitch but builds it separately.
They include the debian build directories for both, but the opensnitch-ui is folder is inside of the opensnitch folder.
I was able to separate out the packages into individual ones and build them, but I haven't tested them to make sure nothing breaks while doing this.
I also want to ask the developer if they can create a separate repo for opensnitch-ui or work to make it so both can be built all at once.
One or the other is a correct way, but the way things are now is not right. Plus this creates a ton of unnecessary work separating them out and packaging as it is right now.
They include the debian build directories for both, but the opensnitch-ui is folder is inside of the opensnitch folder.
I was able to separate out the packages into individual ones and build them, but I haven't tested them to make sure nothing breaks while doing this.
I also want to ask the developer if they can create a separate repo for opensnitch-ui or work to make it so both can be built all at once.
One or the other is a correct way, but the way things are now is not right. Plus this creates a ton of unnecessary work separating them out and packaging as it is right now.
NEW USERS START HERE FAQS, MX Manual, and How to Break Your System - Don't use Ubuntu PPAs! Always post your Quick System Info (QSI) when asking for help.
Re: Application Base Firewall - Repo Required
Thank you.
Maybe I will try an other way to block internet access for particular Programs. And misuse the sandboxing program firejail for this.
Maybe I will try an other way to block internet access for particular Programs. And misuse the sandboxing program firejail for this.