opensnitch | Linux interactive application firewall inspired by Little | Firewall library

by evilsocket Python Version: v1.6.0-rc.5 License: GPL-3.0

X-Ray Key Features Code Snippets Community Discussions(1)Vulnerabilities Install Support

kandi X-RAY | opensnitch Summary

opensnitch is a Python library typically used in Security, Firewall applications. opensnitch has no bugs, it has no vulnerabilities, it has a Strong Copyleft License and it has medium support. However opensnitch build file is not available. You can download it from GitHub.

OpenSnitch is a GNU/Linux application firewall.

Support

Quality

Security

License

Reuse

Support

opensnitch has a medium active ecosystem.

It has 8860 star(s) with 458 fork(s). There are 196 watchers for this library.

It had no major release in the last 12 months.

There are 76 open issues and 508 have been closed. On average issues are closed in 91 days. There are 10 open pull requests and 0 closed requests.

It has a neutral sentiment in the developer community.

The latest version of opensnitch is v1.6.0-rc.5

Quality

opensnitch has 0 bugs and 0 code smells.

Security

opensnitch has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

opensnitch code analysis shows 0 unresolved vulnerabilities.

There are 0 security hotspots that need review.

License

opensnitch is licensed under the GPL-3.0 License. This license is Strong Copyleft.

Strong Copyleft licenses enforce sharing, and you can use them when creating open source projects.

Reuse

opensnitch releases are available to install and integrate.

opensnitch has no build file. You will be need to create the build yourself to build the component from source.

Installation instructions are available. Examples and code snippets are not available.

opensnitch saves you 5024 person hours of effort in developing the same functionality from scratch.

It has 13653 lines of code, 880 functions and 93 files.

It has high code complexity. Code complexity directly impacts maintainability of the code.

Top functions reviewed by kandi - BETA

kandi has reviewed opensnitch and discovered the below as its top functions. This is intended to give you an instant insight into opensnitch implemented functionality, and help decide if they suit your requirements.

Load a firewall rule
Resets all widgets in the topWidget
Get rule by uuid
Return the node with the given address
Called when the client is listening
Reply to a reply notification
Get peer address
Create database tables
Set the schema version
Callback called when a notification is received
Callback called when the command clicked
Called when the user is clicked
Subscribe to a new node
Add a firewall rule
Setup table widget
Insert a rule into the firewall
Deal with node actions
Add a peer to the list
Double clicked
Set query string
Refresh viewport
Update apply button
Called when a tree item is clicked
Post an alert
Reimplemented to set the settings
Ask rule

Get all kandi verified functions for this library.

opensnitch Key Features

No Key Features are available at this moment for opensnitch.

opensnitch Examples and Code Snippets

No Code Snippets are available at this moment for opensnitch.

Community Discussions

Trending Discussions on opensnitch

opensnitch: changing a "process.path" rule to match command args

QUESTION

opensnitch: changing a "process.path" rule to match command args

Asked 2021-Jan-15 at 11:24

Opensnitch intro

opensnitch is an open-source security tool modeled after the MAC OS-X littlesnitch app.

I've been using Gustavo Iniguez Goya's fork of opensnitch (which is a big improvement over the original great pioneering work by Simone Margaritelli) on my desktop to limit outgoing connections based on rules. The goal is to beef-up outgoing network security, for example to catch malware or limit some "phone-home" apps from talking to the outside world.

Configuration/rules

The default rules which drive opensnitch, are created under /etc/opensnitchd/rules are stored as *.json files, one file per rule. When I use the UI to add a rule, a new *.json rule file gets created.

Example of a rule (trimmed down for brevity): ...

ANSWER

Answered 2021-Jan-15 at 11:24

Is it possible to limit such rule and allow running only a certain executable script (1st arg to /usr/bin/python) ?

You can select the option "from this command line" to filter by the whole command.

More generally: what would be the syntax, with an example, for an AND conjunction in the rule, and a clause for a regex-match vs. other arguments of the command line or remote IP-addresses, or both?

take a look at the documentation (maybe you already did... but just in case):

https://github.com/gustavo-iniguez-goya/opensnitch/wiki/Rules https://github.com/gustavo-iniguez-goya/opensnitch/wiki/Rules-editor

For example, if you wanted to filter by a particular (python) script:

[x] From this command line: ".*/usr/bin/dnsping.*"

(By the way, we finally are contributing to the original repo, so you can use latest releases from there)

Source https://stackoverflow.com/questions/65730042

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install opensnitch

Please, refer to the documentation for detailed information.

Support

For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .

Find more information at: