opensnitch
ebpfsnitch
opensnitch | ebpfsnitch | |
---|---|---|
218 | 9 | |
11,140 | 696 | |
1.6% | - | |
9.0 | 0.0 | |
8 days ago | about 1 year ago | |
Python | C++ | |
GNU General Public License v3.0 only | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
opensnitch
-
Little Snitch: Network Monitor and Application Firewall for macOS
Can't forget about OpenSnitch, for those of you that would rather not buy a license to do this sorta thing: https://github.com/evilsocket/opensnitch
-
Homemade application firewall for Linux
I was working on an old game; trying to understand its Network protocol, and how the binary behavior when something on the connections goes wrong, and something comes to my mind: "What if I could block the traffic to this server only for this process?" what brings me to OpenSnitch.
- OpenSnitch is a GNU/Linux interactive application firewall
-
Capturing SSL/TLS plaintext without a CA certificate using eBPF
Have you seen OpenSnitch? https://github.com/evilsocket/opensnitch
It's a Linux project that's replication what Little Snitch does on macOS - it doesn't decrypt TLS secured data but it does show and allow blocking of network connections (even if it can't see exactly what's going on inside this connections).
Combining eCapture features with OpenSnitch would be awesome. It'd be great if as well as tracking all network connection, you could flag connections sending specific data (like your name, email address, or phone number) to unexpected servers.
- OpenSnitch: GNU/Linux interactive application firewall inspired by Little Snitch
- Is Linux worth it for the average non-tech user?
-
Safari share menu now violates privacy
opensnitch has existed for a while now. I've never used it, so I can't comment on how well it works.
https://github.com/evilsocket/opensnitch
-
Plasmashell making network pings/sending data from boot?
If you prefer a GUI try https://github.com/evilsocket/opensnitch
- Why do devs refuse to let their games run on Linux?
- eBPF Verification Is Untenable
ebpfsnitch
- Notes on BPF and eBPF
-
Little Snitch Linux Alternative
Doesn't look like it's updated any more but there is eBPFSnitch
-
Landlock merged in mainline for Linux 5.13
There is a sort of opensnitch based on ebpf but not sure is fully feature completed as you intended:
https://github.com/harporoeder/ebpfsnitch
- eBPFSnitch - Linux Application Level Firewall based on eBPF and NFQUEUE
- harporoeder/ebpfsnitch
- EBPFSnitch: An eBPF based Linux Application Firewall
- EBPFSnitch: An eBPF Based Linux Application Firewall
What are some alternatives?
portmaster - 🏔 Love Freedom - ❌ Block Mass Surveillance
mysqld-bpf
picosnitch - Monitor Network Traffic Per Executable, Beautifully Visualized
firejail - Linux namespaces and seccomp-bpf sandbox
ufw-stats - ufw-stats: Show ufw actions since boot, with ip address information from RIPE database.
flathub - Issue tracker and new submissions
Pi-hole - A black hole for Internet advertisements
rustsec - RustSec API & Tooling
portmaster-windows-kext - The Windows kernel-mode driver for Portmaster integration
openbsd-wip - OpenBSD work in progress ports
LuLu - LuLu is the free open-source macOS firewall