OpenSnitch Icon

Makes internet connections from all apps visible, allowing you to block or manage traffic on a per-app basis. GNU/Linux port of the Little Snitch application firewall.

Open Source

OpenSnitch Source Code




OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.






16 Apr 17

Last Updated

07 Jun 24

Latest version


Primary Language



18,241 KB







Language Usage

Language Usage

Star History

Star History

Recent Commits

  • Gustavo Iñiguez Goia (04 Jun 24)

    ui: updated extensions to discover apps' icons

  • Gustavo Iñiguez Goia (30 May 24)

    ui: fixed exporting rules to the clipboard We were not formatting the "created" date field properly. More info:

  • Gustavo Iñiguez Goia (29 May 24)

    ui,prefs: allow to configure more options Allow to configure from the preferences dialog: - max stats and events. - rules path (use default path if empty). - internal GC percentage, flush connections on start. Disabled daemon's DefaultDuration option when the daemon is not connected to the server (GUI). By default is "once". Improved configuration parsing. Minor improvements to display status messages.

  • Gustavo Iñiguez Goia (29 May 24)

    set default rules directory if empty Use /etc/opensnitchd/rules as the default directory if it has not been provided via configuration.

  • Gustavo Iñiguez Goia (27 May 24)

    Merge pull request #1139 from redanaheim/master Remove duplicate regex in system.go for -check-requirements

  • redanaheim (26 May 24)

    Remove duplicate regex in system.go for -check-requirements

  • Gustavo Iñiguez Goia (22 May 24)

    improved config file reloading behaviour Start monitoring the config file every time we read the file, to survive: - malformed json file - intermediate file removal (when writing we receive 2 write events, one of0 bytes) "A watch will be automatically removed if the watched path is deleted or renamed" "A path can only be watched once; watching it more than once is a no-op and will not return an error"

  • Gustavo Iñiguez Goia (21 May 24)

    updated go.mod, added go.sum

  • Gustavo Iñiguez Goia (21 May 24)

    improved rules reloading, cli parameters - When reloading rules from a path: stop existing (domains,ips,regexp) lists monitors, stop rules watcher and start watching the new dir for changes, delete existing rules from memory, etc. - Previously, cli parameters (queue number, log file, etc) were taking into account before loading the configuration. Now the configuration file is loaded first (default-config.json), and if any of the cli parameter has been specified, it'll overwrite the loaded configuration from file. This means for example that if you use "-process-monitor-method proc", and "ebpf" is configured in default-config.json, firstly "ebpf" will be configured, and later "proc". (-queue-num option for now requires to match config option cfg.FwOptions.QueueNumber)

  • Gustavo Iñiguez Goia (19 May 24)

    kill established connections only on fw/monitor changes

  • Gustavo Iñiguez Goia (18 May 24)

    ui,prefs: node auth settings improvements - Added "More information" label to the preferences dialog, and open a link to our wiki with more information. - Allow to configure node auth settings from the GUI: When we added the authentication options (12b4cf31047c69ba067d22979daf96d7eee551e1, 6556eed1aeb124f22d8ef503c4ba960f38918654, f63d9dce720a6ab385730dde0b1e86bfa6f0b134) we allowed to configure auth options from the GUI, but only if the nodes already had the options configured. If the auth options received were empty, we simply disabled the auth options on the preferences dialog. Now we build the configuration in this scenario, and sent it back to the nodes.

  • Gustavo Iñiguez Goia (18 May 24)

    Merge pull request #1135 from ponychicken/patch-1 Improve wording in Top menu

  • Gustavo Iñiguez Goia (18 May 24)

    ui, prefs: ignore SameFile error when enabling autostart When clicking [x] Autostart the GUI upon login, ignore the exception if src and dst (opensnitch_ui.desktop) are the same file.

  • ponychicken (18 May 24)

    Improve wording

  • Gustavo Iñiguez Goia (17 May 24)

    ui, prefs: load and conf daemon DefaultAction In f5f30b1e5840c6afbba4cdf9536a320e63842555 we added the option to reject connections as DefaultAction. If configured, load and set it in the preferences dialog.

  • Gustavo Iñiguez Goia (17 May 24)

    ui, prefs: improved loading auth options

  • Gustavo Iñiguez Goia (17 May 24)

    ui: fixed deleting rules reverts 2ec37ed5939c9489964610b78aa319eaf22891f9 Closes: #1133

  • Gustavo Iñiguez Goia (15 May 24)

    updated default-config.json with latest added opts More info about these options:

  • Gustavo Iñiguez Goia (15 May 24)

    allow to customize ebpf options Allow to customize: - EventsWorkers: number of goroutines to handle kernel events. Default 8. - QueueEventsSize: max number of events in the queue. By default 0, meaning that it'll relay on the available goroutines to process the events. If it's > 0, and the daemon can't process the events fast enough, they'll be queued. Once the queue is full, it'll behave as it was of size 0. If there're lost events, a message will be logged: "Lost ebpf events..."

  • Gustavo Iñiguez Goia (14 May 24)

    loggers, remote_syslog: check if we're connected when writing, check if we're connected, or reconnecting.

  • Gustavo Iñiguez Goia (14 May 24)

    fw: allow to configure interception queue number - Added new configuration field to allow configure fw interception number queue (default to 0): "FwOptions": { "QueueNum": 0 } (we still need to reconfigure nfqueue queues in order for this to take effect). - If the fw configuration path is not supplied, default to /etc/opensnitchd/system-fw.json

  • Gustavo Iñiguez Goia (14 May 24)

    fixed segfaults when loading fw/loggers - The loggers were not being properly initialized. - The fw was only being load on reload, instead of on startup and reload. Kudos to @1fishe2fishe for reporting this problem and proposing a fix in #1130!

  • Gustavo Iñiguez Goia (14 May 24)

    Merge pull request #1126 from tioguda/master i18n: updated Brazilian Portuguese translation

  • Gustavo Iñiguez Goia (12 May 24)

    fw minor changes use struct{} instead of bool for exit channels, func parms cosmetic change.

  • Gustavo Iñiguez Goia (12 May 24)

    do not flush conns when adding the inteception rules part of previous commit.

  • Gustavo Iñiguez Goia (12 May 24)

    make connections flushing configurable By default when adding the interception rules, we were killing all existing connections, to force them go to the netfilter queue. However in some environments this is not acceptable, so now it's configurable. Besides, we were doing this only for nftables, so now it also works for iptables.

  • Gustavo Iñiguez Goia (12 May 24)

    stop proc monitor when disabling interception When disabling the interception from the server (GUI), the network interception was stopped, but the procs monitor kept running. Now the procs monitor in use is also stopped, not to interfere with the rest of the system (except 'proc').

  • Gustavo Iñiguez Goia (11 May 24)

    removed fw rules initialization from main now they're added after loading the configuration.

  • Gustavo Iñiguez Goia (11 May 24)

    loggers improvements improvements to the loggers modules: - allow to specify a connection timeout (there was only a write timeout). - performance improvements when building the messages to be written/sent. - allow to restart the connection with remote servers if we fill up the messages queue. This can occur for example if we connect to a remote server, start sending messages, but we haven't allowed other connections yet. In this case the connections never recovered from this state, and we weren't prompted to allow the needed connections. (more work nd testing needed)

  • Gustavo Iñiguez Goia (11 May 24)

    more work on reloading configuration continuation of previous commit bde5d34deb5e5c5858991510c48fbd58913a193a - Allow to reconfigure stats limits (how many events we keep on the daemon, number of workers, ...) - Allow to reconfigure loggers.

OpenSnitch Website


GitHub: Let’s build from here · GitHub

GitHub is where over 100 million developers shape the future of software, together. Contribute to the open source community, manage your Git repositories, review code like a pro, track bugs and features, power your CI/CD and DevOps workflows, and secure code before you commit it.


Does not redirect

Security Checks

All 66 security checks passed

Server Details

  • IP Address
  • Hostname
  • Location San Francisco, California, United States of America, NA
  • ISP GitHub Inc.
  • ASN AS36459

Associated Countries

  • US

Saftey Score

Website marked as safe


Blacklist Check was found on 0 blacklists

  • ThreatLog
  • OpenPhish
  • PhishTank
  • Phishing.Database
  • PhishStats
  • URLhaus
  • RPiList Not Serious
  • AntiSocial Blacklist
  • PhishFeed
  • NABP Not Recommended Sites
  • Spam404
  • CRDF
  • Artists Against 419
  • CERT Polska
  • PetScams
  • Suspicious Hosting IP
  • Phishunt
  • CoinBlockerLists
  • MetaMask EthPhishing
  • EtherScamDB
  • EtherAddressLookup
  • ViriBack C2 Tracker
  • Bambenek Consulting
  • Badbitcoin
  • SecureReload Phishing List
  • Fake Website Buster
  • TweetFeed
  • CryptoScamDB
  • StopGunScams
  • ThreatFox
  • PhishFort

Website Preview

OpenSnitch Reviews

More Firewalls

About the Data: OpenSnitch


You can access OpenSnitch's data programmatically via our API. Simply make a GET request to:

The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.

About the Data

Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.

Share OpenSnitch

Help your friends compare Firewalls, and pick privacy-respecting software and services.
Share OpenSnitch and Awesome Privacy with your network!

View Firewalls (14)