Opensnitch Versions Save

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

v1.6.5.1

3 months ago
  • Fixed bug when using the GUI with multiple remote nodes. #1093

Full Changelog: https://github.com/evilsocket/opensnitch/compare/v1.6.5...v1.6.5.1

v1.6.5

3 months ago

Note: if you're using the GUI with multiple remote nodes, use these GUI packages https://github.com/evilsocket/opensnitch/releases/tag/v1.6.5.1

Bug fixes

  • [daemon] Fixed segfault on exit #919 , 24fd94c16877e8ae532c0cf84d86278885cbebcb
  • [daemon] Fixed DNS uprobes 5d33f4171769141a2e6550cdd67fbe2ba05e5f1b
  • [GUI] Fixed adding rules to the db from context menu #1027 , ec3f5159809febea63509dd8deefb40330df992b

What has changed

Improvements

  • [daemon] Strings concatenation improvements (reduces mem usage, notably) b9ec5242f2544ffcbef4fa62c7f7df550a7b8774
  • [daemon] Stop established connections monitor after n errors (not to waste resources) 871238e07a7504a34bc5c5b5bbe01dddac1e5e8a
  • [daemon] Clean DNS eBPF hooks on exit , da99686ab0e59eb0309829500135d8c755c19f3e

New features

  • [daemon] Allow to configure the path of rules directory (#449, 6bd1fe8b1ebbb7e7a19b4ad332fb09c0c837e9ab), config file (from cli) and eBPF modules (#928 5c6da0a8abb9b3d9723964c7a864c1e801aae08f)
  • [GUI] allow to configure refresh interval (#1073 , 435dffc0a154fd9988731ebdd18510adc70eba53)

Known bugs

  • DNS eBPF module does not work on armhf and i386 arquitectures. See the commits for more info and if you can help don't hesitate to open a PR or drop a comment :) c514946f616f2f7cff732a57a227be8cddaf9036 , 9a6dfe779770f64075d98e29155ab1678a20f236
  • opensnitch-procs eBPF module behaves a bit erratic on arm64 architecture (not new of this release) - d2d89e23592ad0af5fb13a48ff5253673e7c2926
  • GUI crash when a pop-up is triggered from a node installed on a remote machine (#1093 , vill be fixed ASAP. Local nodes not affected)

Full Changelog: https://github.com/evilsocket/opensnitch/compare/v1.6.4...v1.6.5

Downloads

You need to download the daemon and the GUI.

daemon

(NOTE: if the daemon doesn't autostart, enable it: ~ $ sudo systemctl enable --now opensnitch.service)

Other arquitectures

GUI

IMPORTANT NOTES:

Ubuntu 22.04 / PopOS! 22.x / LinuxMint 21.x users: See this comment after installing the GUI: https://github.com/evilsocket/opensnitch/issues/647#issuecomment-1090545284)

If you experience crashes on Wayland clicking on the pop-ups: launch the GUI as follow: ~ $ QT_QPA_PLATFORM=xcb opensnitch-ui

If the above packages complain about dependencies... please, ask on the Discussion forum to generate packages for old distributions, specifying your distribution and kernel.

v1.6.4

6 months ago

GUI bug fix release.

Bug fixes

  • Fixed refreshing views, several exceptions: #1056, 47ca758e7c1edb0fe40b8d0a8f4491b61357c6dd, d3e118e4cf75f7d5f941f97824b4eada0587c750

What's Changed

  • Allow to delete events from the in-memory database: #1030 , bcbfe3bbe2a8beea8caa5e7034a746978ac398e8
  • Improved views behaviour: #1037, d1ac73c4169c97c2438c5c81e111a310a15cbe5d
  • Restrict reading from the unix socket to the user who launched the GUI: f29e6dcc140b1577880261016225edee041f5168

Full Changelog: https://github.com/evilsocket/opensnitch/compare/v1.6.3...v1.6.4

Downloads

You need to download the daemon and the GUI.

daemon

(NOTE: if the daemon doesn't autostart, enable it: ~ $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch)

Other arquitectures

GUI

IMPORTANT NOTES:

Ubuntu 22.04 / PopOS! 22.x / LinuxMint 21.x users: See this comment after installing the GUI: https://github.com/evilsocket/opensnitch/issues/647#issuecomment-1090545284)

If you experience crashes on Wayland clicking on the pop-ups: launch the GUI as follow: ~ $ QT_QPA_PLATFORM=xcb opensnitch-ui

If the above packages complain about dependencies... please, ask on the Discussion forum to generate packages for old distributions, specifying your distribution and kernel.

v1.6.3

8 months ago

Only GUI packages updated.

Bug fix

  • Fixed error when setting DefaultAction to the daemon after connect to the GUI (#1017).

What's Changed

Full Changelog: https://github.com/evilsocket/opensnitch/compare/v1.6.2...v1.6.3

Downloads

Packages signed with the following GPG key: F34016AC014BAAF8C90AC730141D0D4E9FF44A67

daemon

(NOTE: if the daemon doesn't autostart, enable it: ~ $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch)

Other arquitectures

GUI

IMPORTANT NOTES:

Ubuntu 22.04 / PopOS! 22.x / LinuxMint 21.x users: See this comment after installing the GUI: https://github.com/evilsocket/opensnitch/issues/647#issuecomment-1090545284)

If you experience crashes clicking on the pop-ups: launch the GUI as follow: ~ $ QT_QPA_PLATFORM=xcb opensnitch-ui

(If the above packages complain about dependencies, use these ones)

v1.6.2

9 months ago

[updated 07/10/2023] readme.txt.asc updated to reflect the correct checksums. The .deb/.rpm files are signed individually after being built, thus the checksums changes. [updated 29/11/2023] readme.txt.asc and rpm packages resigned with the proper key (#1067).

What's New

  • GUI: Added "Created" column to the list of rules.
  • GUI: Allow to configure nodes TLS options from the GUI.

Bugs fixed

  • GUI: Fixed errors upgrading DB from previous versions (> v1.5.x) (#988)

Full Changelog: https://github.com/evilsocket/opensnitch/compare/v1.6.1...v1.6.2

Downloads

Packages signed with the following GPG key: F34016AC014BAAF8C90AC730141D0D4E9FF44A67

daemon

(NOTE: if the daemon doesn't autostart, enable it: ~ $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch)

Other arquitectures

GUI

IMPORTANT NOTES:

Ubuntu 22.04 / PopOS! 22.x / LinuxMint 21.x users: See this comment after installing the GUI: https://github.com/evilsocket/opensnitch/issues/647#issuecomment-1090545284)

If you experience crashes clicking on the pop-ups: launch the GUI as follow: ~ $ QT_QPA_PLATFORM=xcb opensnitch-ui

(If the above packages complain about dependencies, use these ones)

v1.6.1

9 months ago

NEWS: Configuration changes

The configuration files default-config.json and system-fw.json have been updated to add new items/options. When installing the deb packages, apt will prompt you to allow the new versions, or keep the ones you already have.

None of the new changes are mandatory, so you don't need to update them. But please, review the changes, and decide if apply them.

What's New

  • Added support to secure communications between the daemon and the GUI with SSL certificates (12b4cf31047c69ba067d22979daf96d7eee551e1) More info: https://github.com/evilsocket/opensnitch/wiki/Nodes-authentication#nodes-authentication-added-in-v161 TODO (WIP): Configure daemon auth options from the GUI.
  • System fw: report any error when applying rules (8740755f642d503e09da6d2c4482801ff0412104)
  • Rules to intercept outbound connections changed (e090833d29738274c1d171eba53e239c1c49ea7c, 26b8415925eb1cec7eea01c43c943007a8d7451c) Discussion with the details: #995

What's Changed

Full Changelog: https://github.com/evilsocket/opensnitch/compare/v1.6.0...v1.6.1

New Contributors

Known bugs :lady_beetle:

Downloads

Packages signed with the following GPG key: F34016AC014BAAF8C90AC730141D0D4E9FF44A67

daemon

(NOTE: if the daemon doesn't autostart, enable it: ~ $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch)

Other arquitectures

GUI

IMPORTANT NOTES:

Ubuntu 22.04 / LinuxMint 21.x users: See this comment after installing the GUI: https://github.com/evilsocket/opensnitch/issues/647#issuecomment-1090545284)

If you experience crashes clicking on the pop-ups: launch the GUI as follow: ~ $ QT_QPA_PLATFORM=xcb opensnitch-ui

(If the above packages complain about dependencies, use these ones)

v1.6.0

10 months ago

What's new

What's Changed

  • Better integration with Desktop Environments.
  • Better nodes management.
  • A lot of bugs fixed, and some new added (yet to be discovered).

For a more complete list of all the changes see the the v1.6.0-rc release series: https://github.com/evilsocket/opensnitch/releases

Known bugs

Downloads

Packages signed with the following GPG key: F34016AC014BAAF8C90AC730141D0D4E9FF44A67

daemon

(NOTE: if the daemon doesn't autostart, enable it: $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch)

Other arquitectures

GUI

IMPORTANT NOTES:

Ubuntu 22.04 / LinuxMint 21.x users: See this comment after installing the GUI: https://github.com/evilsocket/opensnitch/issues/647#issuecomment-1090545284)

If you experience crashes clicking on the pop-ups: launch the GUI as follow: $ QT_QPA_PLATFORM=xcb opensnitch-ui

(If the above packages complain about dependencies, use these ones)

New Contributors since v1.5.2

Full Changelog: https://github.com/evilsocket/opensnitch/compare/v1.5.2...v1.6.0

v1.6.0-rc.5

1 year ago

NOTE: this version is still WIP, so be aware that it may contain bugs. If you install it, we would greatly appreciate it if you could report any issues you encounter to help us improve the software. Your feedback is invaluable !

What's new

  • Allow to apply and preview themes without restarting the GUI. afc3fb8900b0b7b717d2ecb780d9f3e2e67c730c
  • Added Quit menu to close the GUI. 4cf41cc546746933fd0cf51add5caa2eb785a416
  • Added option to colorize rows. cba52cf3d8ceced08541a02d8440657811600245
  • New Norwegian language thanks to Petter Reinholdtsen. 846b1c5efa582c437703d318634a321766cf539c
  • Better integration with software centers and Desktop Environments thanks to Petter Reinholdtsen. 156e936ae7cefc235a0a6f6df56bafbb01ea8606 2c9da7613188993b015371c84c9430024e422817 c4a9a98944384149ac2efa9b9dc4be1c6eb4f484

What's Changed

New Contributors

Full Changelog: https://github.com/evilsocket/opensnitch/compare/v1.6.0-rc.4...v1.6.0-rc.5

Downloads

Packages signed with a new key: https://keyserver.ubuntu.com/pks/lookup?search=F34016AC014BAAF8C90AC730141D0D4E9FF44A67&fingerprint=on&op=index

(use dpkg-sig -k ... *.deb to verify deb signatures.)

daemon

(NOTE: if the daemon doesn't autostart, enable it: $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch)

Other arquitectures

GUI

IMPORTANT NOTES:

  1. Ubuntu 22.04 users: See this comment :point_right: after installing the GUI: https://github.com/evilsocket/opensnitch/issues/647#issuecomment-1090545284)
  2. If you experience crashes on Wayland :point_right: launch the GUI as follow: $ QT_QPA_PLATFORM=xcb opensnitch-ui
(If the above packages complain about dependencies, use these ones)

v1.6.0-rc.4

1 year ago

NOTE: this version is still WIP, so be aware that it may contain bugs. If you install it, we would greatly appreciate it if you could report any issues you encounter to help us improve the software. Your feedback is invaluable !

What's new

  • Added initial support for ICMP and SCTP (#714) (Note: We still need to add it to eBPF).
  • Added the ability to manage nodes individually, including options to export/import rules, stop/start daemon and delete a node.
  • Added options to export / import rules (#326 #746)
  • Added options to copy rules to the clipboard.

What's Changed

Many GUI improvements:

  • Now the views are only refreshed when the scrollbar is at the top or bottom of the view, or while scrolling up/down.

  • Rows selection is preserved when scrolling/refreshing the views, making it easier to analyze logs (somehow restoring the old good behaviour added by themighty1 that we lost some time ago).

  • CTRL-C now copies all the rows (with filters applied) if they're selected with CTRL+A.

  • All columns of the Events view are clickable.

  • daemon/Makefile: improvements to make distro packaging easier by @craftyguy in https://github.com/evilsocket/opensnitch/pull/780

Bug fixes

  • nftables:
    • Fixed adding interception rules on new and old kernels ( ced9a249338a33f131bb1b72f747135985ab8608 , d31c4e86bf77319d6a9516e479e3cee27d19db60, #781)
  • GUI: mostly fixes related to firewall dialogs and nodes. Also fixed some regressions.

New Contributors

Special thanks

To all of you who have reported bugs.

Full Changelog: https://github.com/evilsocket/opensnitch/compare/v1.6.0-rc.3...v1.6.0-rc.4

Downloads

daemon

(NOTE: if the daemon doesn't autostart, enable it: $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch)

Other arquitectures

GUI

IMPORTANT NOTES:

(If the above packages complain about dependencies, use these ones)

v1.6.0-rc.3

1 year ago

NOTE: this version is still WIP, so bear in mind that it may have bugs. If you install it, please, report any problems and help us to improve it, your feedback is invaluable !

What's new

What's changed

  • System firewall (nftables) improvements and new features:

    • Allow to create complex rules from the GUI, hopefully in an easy manner (c28643d3fa930e362e9b9a765c75cbdccff6a905)
    • Allow to apply quotas on connections (not apps) (97b141e947167db5213a327d32d17d809e0f84ea)
    • Allow to apply rate-limits on connections (not apps) (7fcf864499d7859545dc1d351ec65eb21ea3c62a)
    • Allow to filter by IP protocols, IP addresses, UID/GID, packet metainformation (f0a9d02e94fbbda8633bc7fedcfc9f39a5087fc4, 09ec8692f7b2bcf134db0ad31fb4acba6103c029, b8d6ead3631b4b48cef86175b0b59fff3bc8a588, fc96b240008ff87d151187ad2dd7cbb5dd97ff1d)
    • Added helpers to allow inbound or outbound connections (i.e.: preconfigured rules to exclude a service/application from being intercepted) (814ed523311a4dae20bcd65d9243a5837ad4c73e)

  • Better and more capable processes interception (7cbfca6b1f4092c51467b0ec91f1e616216abe3f, c64b2df03c9f68446834d8d2857693ab8fcea3c9, 1a493b9da1d1959f302dd6e2bc2ec8b78ffed7f8) Related: #736

  • Privacy/Security enhanced: Rules files saved with restrictive permissions, allow to configure GUI's unix socket path (736c3f9c517b10217db0b30fd29897fee6b6874a, 915b325a00b955d781554fb5d1f8337908ca7f3d, 820e7d5fe9d1a35ca780b7421b1d257fe441f9a1)

  • eBPF modules are loaded from /usr/lib/opensnitchd/ebpf/ now, to avoid errors upgrading them (474a6373cf890ad5781eb1c1c9c2c3e2e9a0a40c)

  • Bug fixes.

Full Changelog: https://github.com/evilsocket/opensnitch/compare/v1.6.0-rc.2...v1.6.0-rc.3

New Contributors

Downloads

daemon

(NOTE: if the daemon doesn't autostart, enable it: $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch)

Other arquitectures

GUI

(IMPORTANT NOTE (Ubuntu 22.04 users): See this comment after installing the GUI: https://github.com/evilsocket/opensnitch/issues/647#issuecomment-1090545284)

(If the above packages complain about dependencies, use these ones)