Application-Level Linux Firewall OpenSnitch 1.3.0 Adds A Process Details Dialog, GUI RPM Packages

OpenSnitch, an application-level firewall for Linux, has been updated to version 1.3.0 which adds a process details dialog, RPM GUI packages, and more.

OpenSnitch monitors the outbound connections that your applications try to make, blocking or permitting each one based on a set of rules (the user is prompted to allow or deny access when no existing rule is found). The application is inspired by Little Snitch, a commercial host-based application firewall for macOS. It's made of a daemon written in Go, and a PyQt5 GUI.

The original OpenSnitch developer mentioned back in June 2019 that they are not working on this program anymore, so the project was forked (I wrote about that here). Recently though, Gustavo Iñiguez Goia, the fork developer, appears to have gotten control of the main OpenSnitch GitHub repository, releasing the latest 1.3.0 version there.

But back to OpenSnitch 1.3.0. The biggest new feature in this release is the addition of a process details dialog. It shows the process status (with used memory, PID, and much more), open files, I/O statistics, mapped memory files, stack, and environment variables.

This can be accessed by going to the Applications tab, double-clicking on an item (in the "what" column), and finally clicking on the computer icon to the left of the executable path:

OpenSnitch process details

Also, with this release, there are OpenSnitch GUI RPM packages available for download. Previously, only the OpenSnitch daemon was packaged as RPM. Thanks to this, OpenSnitch is easier to install on RPM-based Linux distributions like Fedora, openSUSE, CentOS, etc.

Other changes in OpenSnitch 1.3.0:

  • Allow adding system rules. You can now configure iptables rules by editing the file /etc/opensnitchd/system-fw.json. OpenSnitch will ensure that the rules you have configured there are not deleted from the system
  • Allow filtering connections by destination network
  • daemon: fixed ftrace and auditd monitor method
  • daemon: fixed error when IPv6 is not enabled in the system / IPv6 handling
  • daemon: improved application rules checking
  • ui: fallback to Qt built-in icons if no valid icon theme is configured
  • ui: fixed compatibility with python3.9

Before using OpenSnitch, it's very important to note that the application has a disclaimer on its GitHub project page, saying that "This software is a work in progress, do not expect it to be bug free and do not rely on it for any type of security".

This is how OpenSnitch works. With the OpenSnitch daemon running in the background and the OpenSnitch tray UI running, when an application tries to access the Internet, a dialog prompt is shown asking if you want to allow or deny connections from this process (or port, etc.): once, for a number of seconds / minutes, for this session, or forever.

This dialog contains information like the application name, domain name / IP it's trying to connect to, port, source IP, destination IP and port, user ID and process ID.
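To make the fields in this dialog concrete, here is one way a userspace tool can recover source and destination address, port, user ID and owning process ID from Linux procfs. This is an added example, not OpenSnitch's own code; the sample `/proc/net/tcp` lines are constructed, and the decoding assumes IPv4 on a little-endian host.

```python
import os
import socket
import struct

# Constructed sample in /proc/net/tcp layout (header + two sockets); not from a real host.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 21345 1 0000000000000000 100 0 0 10 0
   1: 0F02000A:D1F4 22D8B85D:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 48213 1 0000000000000000 20 4 30 10 -1
"""

TCP_STATES = {"01": "ESTABLISHED", "02": "SYN_SENT", "0A": "LISTEN"}

def decode_addr(hex_addr):
    """Turn 'AABBCCDD:PPPP' into ('a.b.c.d', port); the IP is a little-endian hex word."""
    ip_hex, port_hex = hex_addr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def parse_proc_net_tcp(text):
    """Parse /proc/net/tcp content into one dict per socket."""
    conns = []
    for line in text.splitlines()[1:]:  # skip the header row
        f = line.split()
        if len(f) < 10:
            continue  # truncated or malformed row
        conns.append({
            "src": decode_addr(f[1]),
            "dst": decode_addr(f[2]),
            "state": TCP_STATES.get(f[3], f[3]),
            "uid": int(f[7]),
            "inode": int(f[9]),
        })
    return conns

def pids_for_inode(inode, proc_root="/proc"):
    """Return PIDs holding the socket, found via /proc/<pid>/fd -> 'socket:[inode]' links."""
    target = f"socket:[{inode}]"
    owners = []
    for entry in sorted(e for e in os.listdir(proc_root) if e.isdigit()):
        fd_dir = os.path.join(proc_root, entry, "fd")
        try:
            if any(os.readlink(os.path.join(fd_dir, fd)) == target
                   for fd in os.listdir(fd_dir)):
                owners.append(int(entry))
        except OSError:
            continue  # process exited, or its fd table is not readable by this user
    return owners
```

Reading another user's `/proc/<pid>/fd` requires root, which is one reason a firewall daemon of this kind runs privileged while the prompt UI does not.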

The tray icon allows access to the OpenSnitch Statistics. From the Statistics dialog you can change the OpenSnitch preferences, see and edit the application rules, etc.

Download OpenSnitch

The OpenSnitch releases page has DEB (Debian, Ubuntu, Linux Mint, Pop!_OS, etc.) and RPM (Fedora, CentOS, openSUSE, etc.) binaries for both the daemon and the GUI. Install them both if you want to use this on your desktop.

OpenSnitch is also available on AUR, as stable or git packages for Arch Linux / Manjaro.

GNOME Shell users will need an extension like the Ubuntu AppIndicators extension (this is installed by default on Ubuntu) to be able to access the OpenSnitch tray icon.