OpenSnitch
github.com/evilsocket/opensnitch LinuxMakes internet connections from all apps visible, allowing you to block or manage traffic on a per-app basis. GNU/Linux port of the Little Snitch application firewall.
- Homepage: github.com/evilsocket/opensnitch
- GitHub: github.com/evilsocket/opensnitch
- Web info: web-check.xyz/results/github.com
OpenSnitch Source Code
Author
Description
OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
Homepage
License
GPL-3.0
Created
16 Apr 17
Last Updated
18 Jan 25
Latest version
Primary Language
Python
Size
18,989 KB
Stars
11,132
Forks
524
Watchers
11,132
Language Usage
Star History
Top Contributors
- @gustavo-iniguez-goya (1272)
- @evilsocket (278)
- @adisbladis (42)
- @tioguda (14)
- @MarkoShiva (8)
- @Northern-Lights (8)
- @nolancarougepro (7)
- @themighty1 (6)
- @ovari (6)
- @0xacb (6)
- @omern1 (4)
- @lainedfles (4)
- @petterreinholdtsen (4)
- @intika (3)
- @gnuhead-chieb (3)
- @SpencerIsGiddy (3)
- @raphting (3)
- @ckuethe (3)
- @raboof (3)
- @ariel-anieli (3)
- @atriwidada (3)
- @luzpaz (2)
- @freddii (2)
- @staticssleever668 (2)
- @WojtekWidomski (2)
- @Ph0rkoz (2)
- @p- (2)
- @nberlee (2)
- @melizeche (2)
- @jkozera (2)
Recent Commits
- Gustavo Iñiguez Goia (13 Jan 25)
Merge pull request #1255 from staticssleever668/fix_unbound_service ui: make sure 'service' variable is set
- Yaroslav Chvanov (13 Jan 25)
ui: make sure 'service' variable is set Fixes error when running `opensnitch-ui` again: > if service: > ^^^^^^^ > NameError: name 'service' is not defined. Did you mean: 'UIService'? Fixes: cdf93c72c172 ("ui: fixed delay closing the GUI")
- Gustavo Iñiguez Goia (11 Jan 25)
add new log level TRACE
- Gustavo Iñiguez Goia (09 Jan 25)
allow to filter connections by username Added new rule operand 'user.name' to filter connections by username. More info #1236
- Gustavo Iñiguez Goia (06 Jan 25)
ui: fixed closing the GUI with a popup active
- Gustavo Iñiguez Goia (04 Jan 25)
Merge pull request #1252 from e3dio/master fix #1245 UI rule deletion
- e3dio (04 Jan 25)
fix #1245
- Gustavo Iñiguez Goia (03 Jan 25)
ui: fixed acting on selected rows When selecting rows with CTRL we were not copying/deleting rules correctly. Closes #1245
- Gustavo Iñiguez Goia (03 Jan 25)
pkg,ui: rpm/deb improvements - deb: added python3-packaging dependency. - rpm: * make python3-notify2 package optional. * Added python3-packaging as dependency to load dynamically the protobuffers (python3-packaging for Fedora, python-rpm-packaging metapackage for OpenSuse).
- Gustavo Iñiguez Goia (03 Jan 25)
ui: added proto/ directory
- Gustavo Iñiguez Goia (03 Jan 25)
ui: allow to use multiple protobuffer versions Protobuffers compiled with protobuf < 3.20.0 are incompatible with protobuf >= 4.0.0: https://github.com/evilsocket/opensnitch/wiki/GUI-known-problems#gui-does-not-show-up This has been a source of problems for some users (#1214, #647), and in some distributions, previous protobuffer does no longer work due to incompatibility with the protobuf package version installed (OpenSuse Tumbleweed). So in order to solve this issue, we provide several protobuffers, for old and new protobuf versions: proto/ui_pb2* for protobuf >= 4.0.0 proto/pre3200/ui_pb2* for protobuf >= 3.6.0 and < 3.20.0 To avoid import errors, each protobuffer must be placed in its own directory, and the name of the protobuffer files must be named with the syntax <prefix>_pb2.py/<prefix>_pb2_grpc.py: ui_pb2.py and ui_pb2_grpc.py The default compiled protobuffer will be opensnitch/proto/ui_*.py instead of opensnitch/ui_*.py
- Gustavo Iñiguez Goia (30 Dec 24)
ui,stats: fixed Events search with different languages When a language other than English was used, the search in the Events did not work.
- Gustavo Iñiguez Goia (26 Dec 24)
ui,stats: improved nodes search
- Gustavo Iñiguez Goia (25 Dec 24)
pkg,deb: updated notes for grpcio issue #647
- Gustavo Iñiguez Goia (24 Dec 24)
ui,stats: fixed displaying proc details dialog
- Gustavo Iñiguez Goia (21 Dec 24)
ui: netstat/events view improvements - Clicking on a column will display the details of that item (IP, process, etc). DstIP, DstPort and UserID columns will open the details of the selected item. Clicking on the PID column will open the process monitor dialog. The rest of the columns will open the details of the process. - On the Events tab, clicking on the PID column will open the process monitor dialog.
- Gustavo Iñiguez Goia (21 Dec 24)
ui: removed hardcoded labels color It was set to blue, and when using dark themes it didn't look good.
- Gustavo Iñiguez Goia (20 Dec 24)
ui: fixed searching in tab Users
- Gustavo Iñiguez Goia (20 Dec 24)
ui: display all fields in the detail views
- Gustavo Iñiguez Goia (18 Dec 24)
ui,stats: simplified columns configuration There're only two points where we need to reconfigure the columns: on showEvent() and when saving the settings.
- Gustavo Iñiguez Goia (18 Dec 24)
ui,stats: improved restoring columns
- Gustavo Iñiguez Goia (17 Dec 24)
ui,popups: strip non-printable characters from labels Commands with non-printable characters were misaligning the labels. Now these characters are exclude from the labels, and texts are displayed as a single line.
- Gustavo Iñiguez Goia (17 Dec 24)
ui: allow to configure QT_QPA_PLATFORM from the GUI Under Wayland the GUI doesn't work entirely well (#733). Setting QT_QPA_PLATFORM to 'xcb' solves some issues, like correctly positioning popups, but users had to configure it manually. Now it's possible to configure it from the Preferences dialog. Setting it to "" will use the default option of the Desktop Environment.
- Gustavo Iñiguez Goia (17 Dec 24)
reload procmon method after fw rules There was a situation where if the ebpf modules path did not exist, the fw rules were not added, causing the daemon to crash after connecting to the GUI.
- Gustavo Iñiguez Goia (16 Dec 24)
updated network_aliases.json path - Load network_aliases.json by default from /etc/opensnitchd. - Don't exit if network_aliases.json doesn't exist. - Updated Makefile to install network aliases definitions.
- Gustavo Iñiguez Goia (16 Dec 24)
Merge pull request #1237 from nolancarougepro/lan_access_control Lan access control
- Gustavo Iñiguez Goia (16 Dec 24)
ui,stats: don't allow clicking on empty hosts In the Events tab, don't allow double clicking on the DstHost column if the cell is empty.
- Gustavo Iñiguez Goia (16 Dec 24)
ui,stats: fixed Events tab search Closes #1243
- nolancarougepro (16 Dec 24)
Alias to DstIp combobox
- Nolan CAROUGE (16 Dec 24)
Merge branch 'evilsocket:master' into lan_access_control
OpenSnitch Website
Website
GitHub: Let’s build from here · GitHub
GitHub is where over 100 million developers shape the future of software, together. Contribute to the open source community, manage your Git repositories, review code like a pro, track bugs and features, power your CI/CD and DevOps workflows, and secure code before you commit it.
Redirects
Does not redirect
Security Checks
All 66 security checks passed
Server Details
- IP Address 140.82.112.4
- Hostname lb-140-82-112-4-iad.github.com
- Location San Francisco, California, United States of America, NA
- ISP GitHub Inc.
- ASN AS36459
Associated Countries
- US
Saftey Score
Website marked as safe
100%
Blacklist Check
github.com was found on 0 blacklists
- ThreatLog
- OpenPhish
- PhishTank
- Phishing.Database
- PhishStats
- URLhaus
- RPiList Not Serious
- AntiSocial Blacklist
- PhishFeed
- NABP Not Recommended Sites
- Spam404
- CRDF
- Artists Against 419
- CERT Polska
- PetScams
- Suspicious Hosting IP
- Phishunt
- CoinBlockerLists
- MetaMask EthPhishing
- EtherScamDB
- EtherAddressLookup
- ViriBack C2 Tracker
- Bambenek Consulting
- Badbitcoin
- SecureReload Phishing List
- Fake Website Buster
- TweetFeed
- CryptoScamDB
- StopGunScams
- ThreatFox
- PhishFort
Website Preview
OpenSnitch Reviews
More Firewalls
-
Provides simple and advanced ways to block access to the internet. Applications and addresses can individually be allowed or denied access to Wi-Fi and/or mobile connection.
-
Notifies you when an app is trying to access the Internet, so all you need to do is just Allow or Deny. Allows you to create filter rules based on IP address, host name or domain name, and you can allow or deny only specific connections of an app.
Not Open Source -
AFWall+
(Android - Rooted)
xdaforums.com/t/5-0-root-3-6-0-afwall-iptables-firewall-28-aug-2023.1957231Android Firewall+ (AFWall+) is an advanced iptables editor (GUI) for rooted Android devices, which provides very fine-grained control over which Android apps are allowed to access the network.
-
An open-source ad-blocker and firewall app for Android 6+ (does not require root).
-
Firewall app for iPhone, allowing you to block any connection to any domain.
Not Open Source -
Tool to control Windows Filtering Platform (WFP), in order to configure detailed network activity on your PC. (Windows)
-
Free, open source macOS firewall. It aims to block unknown outgoing connections, unless explicitly approved by the user.
-
A very polished application firewall, allowing you to easily manage internet connections on a per-app basis. (Mac OS)
Not Open Source -
Open source GUI firewall for Linux, allowing you to block internet access for certain applications. Supports both simple and advanced mode, GUI and CLI options, very easy to use, lightweight/ low-overhead, under active maintenance and backed by a strong community.
-
The ufw (Uncomplicated Firewall) is a GUI application and CLI, that allows you to configure a firewall using
iptables
much more easily. -
IPFire is a hardened, versatile, state-of-the-art Open Source firewall based on Linux. Easy to install on a raspberry Pi, since it is lightweight and heavily customizable.
-
An open source firewall tool for Linux that builds upon the Netfilter system built into the Linux kernel, making it easier to manage more complex configuration schemes with iptables.
-
Enterprise firewall and router for protecting networks, built on the FreeBSD system.
About the Data: OpenSnitch
API
You can access OpenSnitch's data programmatically via our API.
Simply make a GET
request to:
https://api.awesome-privacy.xyz/networking/firewalls/opensnitch
The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.
About the Data
Beyond the user-submitted YAML you see above, we also augment each listing with additional data dynamically fetched from several sources. To learn more about where the rest of data included in this page comes from, and how it is computed, see the About the Data section of our About page.
Share OpenSnitch
Help your friends compare Firewalls, and pick privacy-respecting software and services.
Share OpenSnitch and Awesome Privacy with your network!