Closed TraxXavier closed 3 years ago
any log you can provide?
[2018-05-08 17:23:27] IMP Starting opensnitch-daemon v1.0.0b
[2018-05-08 17:23:27] INF Loading rules from /etc/opensnitchd/rules ...
[2018-05-08 17:23:28] INF Running on netfilter queue #0 ...
[2018-05-08 17:23:41] INF Connected to the UI service on /tmp/osui.sock
[2018-05-08 17:25:14] IMP Saved new rule: allow if process.path is '/lib/systemd/systemd-resolved'
[2018-05-08 17:25:14] IMP Ruleset changed due to allow-simple-libsystemdsystemd-resolved.json, reloading ...
[2018-05-08 17:25:24] IMP Ruleset changed due to allow-simple-usrlibfirefoxfirefox.json, reloading ...
[2018-05-08 17:25:24] IMP Saved new rule: allow if process.path is '/usr/lib/firefox/firefox'
[2018-05-08 17:26:57] IMP Ruleset changed due to allow-simple-snapcore4571usrlibsnapdsnapd.json, reloading ...
[2018-05-08 17:26:57] IMP Saved new rule: allow if process.path is '/snap/core/4571/usr/lib/snapd/snapd'
[2018-05-08 17:27:06] IMP Saved new rule: allow if process.path is '/usr/bin/gnome-software'
[2018-05-08 17:27:06] IMP Ruleset changed due to allow-simple-usrbingnome-software.json, reloading ...
[2018-05-08 17:30:06] IMP Saved new rule: allow if process.path is '/usr/sbin/NetworkManager'
[2018-05-08 17:30:06] IMP Ruleset changed due to allow-simple-usrsbinnetworkmanager.json, reloading ...
[2018-05-08 17:39:31] IMP Got signal: terminated
[2018-05-08 17:39:31] INF Cleaning up ...
[2018-05-08 17:40:31] IMP Starting opensnitch-daemon v1.0.0b
[2018-05-08 17:40:31] INF Loading rules from /etc/opensnitchd/rules ...
[2018-05-08 17:40:36] INF Running on netfilter queue #0 ...
[2018-05-08 17:41:25] INF Connected to the UI service on /tmp/osui.sock
by then i had already downloaded two files with wget
can you attach the contents of your /etc/opensnitchd/rules folder as well please?
It's empty. For this test i removed all rules and rebooted. After reboot the only process i allowed temporarily was "/lib/systemd/systemd-resolved". After that wget could download files over http and transmission could connect to torrent peers; no prompts other than the one for systemd-resolved were generated by the ui.
oh i see ... may i ask you to repeat the test with debug logging enabled (-debug) then?
sure, where do i add the -debug to? trying to start opensnitch-ui complains about an unrecognized command line. how do i pass it to the daemon?
I noticed that when I restart the service after reboot it shows a message for wget just fine. only after reboot it does not see it
yes it's an argument for the daemon
how do i pass a parameter to a daemon that is being started at boot? what file do i have to add the parameter to?
change the command line on /etc/systemd/system/opensnitchd.service
```
[2018-05-08 17:23:27] IMP Starting opensnitch-daemon v1.0.0b
[2018-05-08 17:23:27] INF Loading rules from /etc/opensnitchd/rules ...
[2018-05-08 17:23:28] INF Running on netfilter queue #0 ...
[2018-05-08 17:23:41] INF Connected to the UI service on /tmp/osui.sock
[2018-05-08 17:25:14] IMP Saved new rule: allow if process.path is '/lib/systemd/systemd-resolved'
[2018-05-08 17:25:14] IMP Ruleset changed due to allow-simple-libsystemdsystemd-resolved.json, reloading ...
[2018-05-08 17:25:24] IMP Ruleset changed due to allow-simple-usrlibfirefoxfirefox.json, reloading ...
[2018-05-08 17:25:24] IMP Saved new rule: allow if process.path is '/usr/lib/firefox/firefox'
[2018-05-08 17:26:57] IMP Ruleset changed due to allow-simple-snapcore4571usrlibsnapdsnapd.json, reloading ...
[2018-05-08 17:26:57] IMP Saved new rule: allow if process.path is '/snap/core/4571/usr/lib/snapd/snapd'
[2018-05-08 17:27:06] IMP Saved new rule: allow if process.path is '/usr/bin/gnome-software'
[2018-05-08 17:27:06] IMP Ruleset changed due to allow-simple-usrbingnome-software.json, reloading ...
[2018-05-08 17:30:06] IMP Saved new rule: allow if process.path is '/usr/sbin/NetworkManager'
[2018-05-08 17:30:06] IMP Ruleset changed due to allow-simple-usrsbinnetworkmanager.json, reloading ...
[2018-05-08 17:39:31] IMP Got signal: terminated
[2018-05-08 17:39:31] INF Cleaning up ...
[2018-05-08 17:40:31] IMP Starting opensnitch-daemon v1.0.0b
[2018-05-08 17:40:31] INF Loading rules from /etc/opensnitchd/rules ...
[2018-05-08 17:40:36] INF Running on netfilter queue #0 ...
[2018-05-08 17:41:25] INF Connected to the UI service on /tmp/osui.sock
[2018-05-12 07:52:35] IMP Got signal: terminated
[2018-05-12 07:52:35] INF Cleaning up ...
[2018-05-12 07:53:37] IMP Starting opensnitch-daemon v1.0.0b
[2018-05-12 07:53:37] INF Loading rules from /etc/opensnitchd/rules ...
[2018-05-12 07:53:37] DBG Reading rule from /etc/opensnitchd/rules/allow-simple-libsystemdsystemd-resolved.json
[2018-05-12 07:53:37] DBG Loaded rule from /etc/opensnitchd/rules/allow-simple-libsystemdsystemd-resolved.json: allow-simple-libsystemdsystemd-resolved: if(process.path is '/lib/systemd/systemd-resolved'){ allow always }
[2018-05-12 07:53:37] DBG Reading rule from /etc/opensnitchd/rules/allow-simple-snapcore4571usrlibsnapdsnapd.json
[2018-05-12 07:53:37] DBG Loaded rule from /etc/opensnitchd/rules/allow-simple-snapcore4571usrlibsnapdsnapd.json: allow-simple-snapcore4571usrlibsnapdsnapd: if(process.path is '/snap/core/4571/usr/lib/snapd/snapd'){ allow always }
[2018-05-12 07:53:37] DBG Reading rule from /etc/opensnitchd/rules/allow-simple-usrbingnome-software.json
[2018-05-12 07:53:37] DBG Loaded rule from /etc/opensnitchd/rules/allow-simple-usrbingnome-software.json: allow-simple-usrbingnome-software: if(process.path is '/usr/bin/gnome-software'){ allow always }
[2018-05-12 07:53:37] DBG Reading rule from /etc/opensnitchd/rules/allow-simple-usrlibfirefoxfirefox.json
[2018-05-12 07:53:37] DBG Loaded rule from /etc/opensnitchd/rules/allow-simple-usrlibfirefoxfirefox.json: allow-simple-usrlibfirefoxfirefox: if(process.path is '/usr/lib/firefox/firefox'){ allow always }
[2018-05-12 07:53:37] DBG Reading rule from /etc/opensnitchd/rules/allow-simple-usrsbinnetworkmanager.json
[2018-05-12 07:53:37] DBG Loaded rule from /etc/opensnitchd/rules/allow-simple-usrsbinnetworkmanager.json: allow-simple-usrsbinnetworkmanager: if(process.path is '/usr/sbin/NetworkManager'){ allow always }
[2018-05-12 07:53:37] DBG Starting 16 workers ...
[2018-05-12 07:53:37] DBG Worker #1 started.
[2018-05-12 07:53:37] DBG Rules watcher started on path /etc/opensnitchd/rules ...
[2018-05-12 07:53:37] DBG Stats worker #0 started.
[2018-05-12 07:53:37] DBG Stats worker #1 started.
[2018-05-12 07:53:37] DBG Stats worker #2 started.
[2018-05-12 07:53:37] DBG Worker #15 started.
[2018-05-12 07:53:37] DBG Stats worker #3 started.
[2018-05-12 07:53:37] DBG Worker #2 started.
[2018-05-12 07:53:37] DBG Worker #0 started.
[2018-05-12 07:53:37] DBG Worker #8 started.
[2018-05-12 07:53:37] DBG Worker #3 started.
[2018-05-12 07:53:37] DBG Worker #4 started.
[2018-05-12 07:53:37] DBG Worker #5 started.
[2018-05-12 07:53:37] DBG Worker #6 started.
[2018-05-12 07:53:37] DBG Worker #7 started.
[2018-05-12 07:53:37] DBG Worker #11 started.
[2018-05-12 07:53:37] DBG Worker #9 started.
[2018-05-12 07:53:37] DBG Worker #10 started.
[2018-05-12 07:53:37] DBG Worker #13 started.
[2018-05-12 07:53:37] DBG Worker #12 started.
[2018-05-12 07:53:37] DBG Worker #14 started.
[2018-05-12 07:53:42] INF Running on netfilter queue #0 ...
[2018-05-12 07:53:42] DBG UI service poller started for socket /tmp/osui.sock
[2018-05-12 07:53:54] DBG ✔ /lib/systemd/systemd-resolved -> 10.70.0.1:53 (allow-simple-libsystemdsystemd-resolved)
[2018-05-12 07:53:54] DBG ✔ /lib/systemd/systemd-resolved -> 10.70.0.1:53 (allow-simple-libsystemdsystemd-resolved)
[2018-05-12 07:53:54] DBG New DNS record: 91.189.91.157 -> ntp.ubuntu.com
[2018-05-12 07:53:54] DBG New DNS record: 91.189.89.199 -> ntp.ubuntu.com
[2018-05-12 07:53:54] DBG New DNS record: 91.189.94.4 -> ntp.ubuntu.com
[2018-05-12 07:53:54] DBG New DNS record: 91.189.89.198 -> ntp.ubuntu.com
[2018-05-12 07:53:54] DBG New DNS record: 91.189.91.157 -> ntp.ubuntu.com
[2018-05-12 07:53:54] DBG New DNS record: 91.189.89.199 -> ntp.ubuntu.com
[2018-05-12 07:53:54] DBG New DNS record: 91.189.94.4 -> ntp.ubuntu.com
[2018-05-12 07:53:54] DBG New DNS record: 91.189.89.198 -> ntp.ubuntu.com
[2018-05-12 07:53:54] DBG New DNS record: 2001:67c:1560:8003::c7 -> ntp.ubuntu.com
[2018-05-12 07:53:54] DBG New DNS record: 2001:67c:1560:8003::c8 -> ntp.ubuntu.com
[2018-05-12 07:53:54] DBG New DNS record: 2001:67c:1560:8003::c7 -> ntp.ubuntu.com
[2018-05-12 07:53:54] DBG New DNS record: 2001:67c:1560:8003::c8 -> ntp.ubuntu.com
[2018-05-12 07:53:54] DBG Could not find netstat entry for: 10.70.0.34 ->(udp)-> ntp.ubuntu.com:123
[2018-05-12 07:54:26] DBG Could not find netstat entry for: 10.70.0.34 ->(udp)-> ntp.ubuntu.com:123
[2018-05-12 07:54:28] DBG ✔ /usr/sbin/NetworkManager -> 104.198.143.177:80 (allow-simple-usrsbinnetworkmanager)
[2018-05-12 07:54:29] INF Connected to the UI service on /tmp/osui.sock
[2018-05-12 07:55:17] DBG ✔ /lib/systemd/systemd-resolved -> 10.70.0.1:53 (allow-simple-libsystemdsystemd-resolved)
[2018-05-12 07:55:17] DBG ✔ /lib/systemd/systemd-resolved -> 10.70.0.1:53 (allow-simple-libsystemdsystemd-resolved)
[2018-05-12 07:55:17] DBG New DNS record: 131.186.113.136 -> checkip.dyndns.com
[2018-05-12 07:55:17] DBG New DNS record: 216.146.43.71 -> checkip.dyndns.com
[2018-05-12 07:55:17] DBG New DNS record: 216.146.38.70 -> checkip.dyndns.com
[2018-05-12 07:55:17] DBG New DNS record: 131.186.113.135 -> checkip.dyndns.com
[2018-05-12 07:55:17] DBG New DNS record: 162.88.96.194 -> checkip.dyndns.com
[2018-05-12 07:55:17] DBG New DNS record: 162.88.100.200 -> checkip.dyndns.com
[2018-05-12 07:55:17] DBG New DNS record: 162.88.100.200 -> checkip.dyndns.com
[2018-05-12 07:55:17] DBG New DNS record: 162.88.96.194 -> checkip.dyndns.com
[2018-05-12 07:55:17] DBG New DNS record: 131.186.113.135 -> checkip.dyndns.com
[2018-05-12 07:55:17] DBG New DNS record: 216.146.38.70 -> checkip.dyndns.com
[2018-05-12 07:55:17] DBG New DNS record: 216.146.43.71 -> checkip.dyndns.com
[2018-05-12 07:55:17] DBG New DNS record: 131.186.113.136 -> checkip.dyndns.com
[2018-05-12 07:55:17] DBG ✔ /lib/systemd/systemd-resolved -> 10.70.0.1:53 (allow-simple-libsystemdsystemd-resolved)
[2018-05-12 07:55:17] DBG Could not find process id for: 10.70.0.34 (uid:1000) ->(tcp)-> checkip.dyndns.com:80
[2018-05-12 07:55:30] DBG Could not find netstat entry for: 10.70.0.34 ->(udp)-> ntp.ubuntu.com:123
[2018-05-12 07:55:41] DBG New DNS record: 162.88.100.200 -> checkip.dyndns.com
[2018-05-12 07:55:41] DBG New DNS record: 162.88.96.194 -> checkip.dyndns.com
[2018-05-12 07:55:41] DBG New DNS record: 131.186.113.135 -> checkip.dyndns.com
[2018-05-12 07:55:41] DBG New DNS record: 216.146.38.70 -> checkip.dyndns.com
[2018-05-12 07:55:41] DBG New DNS record: 216.146.43.71 -> checkip.dyndns.com
[2018-05-12 07:55:41] DBG New DNS record: 131.186.113.136 -> checkip.dyndns.com
[2018-05-12 07:55:41] DBG Could not find process id for: 10.70.0.34 (uid:1000) ->(tcp)-> checkip.dyndns.com:80
```
"Could not find process id for" sounds to me as if it may be the root of the problem
after i restart the service it works fine:
[2018-05-12 07:58:19] WAR ✘ /usr/bin/wget -> checkip.dyndns.com:80 (deny-simple-usrbinwget)
The issue is reproducibly only present after reboot (i remember that the first start after compile also had that issue)
Cheers Trax
yep, there're some cases when that happens and that's pretty much the only reason why this is still not 1.0.0, i'm trying to fix that but it's not easy :)
How about in such cases still showing the prompt (with no option to make a permanent rule) and just say unidentified application, because then the user at least would have the option to allow or deny it anyways.
It's really a bug, the old version was working well. But the new version doesn't catch any application.
same problem, i have reinstalled it today.
Same problem, no logging or activity at all on any outgoing connection.
Very patchy. Even for the subset of applications that work. A very large proportion of the traffic is being missed. And other applications are missed entirely. If I knew how to install the old version instead (being on ubuntu 18.04), then I would certainly try that. But at best, it's really complex to install for the uninitiated. Due to its required dependencies and certain other idiosyncrasies.
@dreamcat4 remember this software is free and open source, you're welcome to send your contributions to improve it!
Thank you for the offer @evilsocket. But that's a decline from me. For certain other reasons which I would not wish to bother you with.... It's only so annoying because you seem so close! And due to the lack of similar options in this space, why it's so important for your project to succeed.
if it's annoying, you can help, or you can decide not to use this software ... complaining that way, without even a log one can use to debug the issues you're experiencing, doesn't change much i'm afraid.
Hi all,
I'm having this problem with chromium on Debian. What I've realized is that the symbolic link in /proc is broken:
[2019-06-18 08:19:54] DBG Could not find process by its pid 11511 for: 192.168.1.37 (uid:1010) ->(udp)-> 1.1.1.1:53
v@:~/go/src/github.com/evilsocket/opensnitch/daemon$ file /proc/11511/exe
/proc/11511/exe: symbolic link to /usr/lib/chromium/chromium (deleted)
v@:~/go/src/github.com/evilsocket/opensnitch/daemon$ ls -l /proc/11511/exe
lrwxrwxrwx 1 v v 0 jun 15 13:21 /proc/11511/exe -> '/usr/lib/chromium/chromium (deleted)'
v@:~/go/src/github.com/evilsocket/opensnitch/daemon$ ls -l /usr/lib/chromium/chromium
-rwxr-xr-x 1 root root 173887520 jun 14 02:10 /usr/lib/chromium/chromium
v@:~/go/src/github.com/evilsocket/opensnitch/daemon$ ps -p 11511
PID TTY TIME CMD
11511 tty2 01:16:28 chromium
v@:~/go/src/github.com/evilsocket/opensnitch/daemon$
v@:~/go/src/github.com/evilsocket/opensnitch/daemon$ stat /proc/11511/exe
Fichero: /proc/11511/exe -> /usr/lib/chromium/chromium (deleted)
Tamaño: 0 Bloques: 0 Bloque E/S: 1024 enlace simbólico
Dispositivo: 4h/4d Nodo-i: 13786214 Enlaces: 1
Acceso: (0777/lrwxrwxrwx) Uid: ( 1010/ v) Gid: ( 1010/ v)
Acceso: 2019-06-17 19:11:45.984026784 +0200
Modificación: 2019-06-15 13:21:10.723839469 +0200
Cambio: 2019-06-15 13:21:10.723839469 +0200
Creación: -
In my case I'm running chromium under firejail, I don't know if it causes the "broken" symbolic link.
One possible solution/workaround would be to Stat the file, and maybe get rid of the " (deleted)" part. Also, if it still fails, then we could parse /proc/%d/cmdline, even if we only display the first part of a process name with spaces. And as a final option, I would even use the pid of the process, because we won't see what's the process name but at least you can see to what port and IP your PC is connecting to.
diff --git a/daemon/procmon/parse.go b/daemon/procmon/parse.go
index cca9d6d..00ae6fc 100644
--- a/daemon/procmon/parse.go
+++ b/daemon/procmon/parse.go
@@ -7,6 +7,7 @@ import (
"strings"
"github.com/evilsocket/opensnitch/daemon/core"
+ "github.com/evilsocket/opensnitch/daemon/log"
)
func GetPIDFromINode(inode int) int {
@@ -70,13 +71,24 @@ func FindProcess(pid int) *Process {
return nil
}
- if link, err := os.Readlink(linkName); err == nil && core.Exists(link) == true {
- proc := NewProcess(pid, link)
+ if _, err := os.Stat(linkName); err == nil {
+ link, err := os.Readlink(linkName)
+ if err == nil {
+ proc := NewProcess(pid, link)
- parseCmdLine(proc)
- parseEnv(proc)
-
- return proc
- }
+ parseCmdLine(proc)
+ parseEnv(proc)
+ return proc
+ } else {
+ proc := NewProcess(pid, linkName)
+ parseCmdLine(proc)
+ parseEnv(proc)
+ return proc
+ }
+ } else if os.IsNotExist(err) {
+ log.Error("FindProcess does not exist error", linkName, err)
+ } else {
+ log.Error("FindProcess error", linkName, err)
+ }
return nil
}
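Review bot: In the `+` branch that calls `NewProcess(pid, link)`, the target returned by `os.Readlink` is stored unchanged, so in the case reported above the process path becomes '/usr/lib/chromium/chromium (deleted)' and a rule whose `process.path` is `/usr/lib/chromium/chromium` will not match it. Trim the " (deleted)" suffix there (`strings` is already imported) and record that the suffix was present, because with the `core.Exists(link)` condition removed nothing in this function checks that the file now at that path is the image actually running. The inner `else` branch passes `linkName`, the `/proc/<pid>/exe` path itself, as the process path; that value is different for every pid, so it cannot match a saved rule either, and the branch repeats the same three calls, which would be clearer as one `NewProcess` call after the path has been chosen. `os.IsNotExist(err)` is the expected result for a process that has already exited, so `log.Error` on that branch will be noisy; a debug-level message fits better.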
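The fallback chain proposed in the comment above (strip the " (deleted)" suffix from the exe link, then `/proc/<pid>/cmdline`, then the bare pid), written out as an added example; it is not opensnitch code or part of the original post, and `ResolveProcess`, `ProcID` and the `procRoot` parameter are hypothetical names.

```go
package main

import (
	"bytes"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// deletedSuffix is what the kernel appends to the /proc/<pid>/exe target
// when the binary's path has been unlinked or replaced on disk.
const deletedSuffix = " (deleted)"

// ProcID is a hypothetical result type: Path is the best identifier found,
// Source says which fallback produced it, Replaced flags a "(deleted)" exe.
type ProcID struct {
	Path     string
	Source   string // "exe", "cmdline" or "pid"
	Replaced bool
}

// ResolveProcess walks the fallback chain described in the comment above.
// procRoot is normally "/proc"; it is a parameter so the chain can be tested.
func ResolveProcess(procRoot string, pid int) ProcID {
	dir := filepath.Join(procRoot, fmt.Sprint(pid))

	// 1. exe link: Readlink returns the target text even when it dangles.
	if link, err := os.Readlink(filepath.Join(dir, "exe")); err == nil && link != "" {
		if strings.HasSuffix(link, deletedSuffix) {
			// The running image is no longer the file at this path.
			return ProcID{strings.TrimSuffix(link, deletedSuffix), "exe", true}
		}
		return ProcID{link, "exe", false}
	}

	// 2. cmdline: NUL-separated argv. argv[0] is chosen by the process itself,
	// so it is a display hint, not something to key an allow rule on.
	if raw, err := os.ReadFile(filepath.Join(dir, "cmdline")); err == nil {
		if argv0 := string(bytes.SplitN(raw, []byte{0}, 2)[0]); argv0 != "" {
			return ProcID{argv0, "cmdline", false}
		}
	}

	// 3. last resort: the bare pid, so the connection is at least visible.
	return ProcID{fmt.Sprintf("pid:%d", pid), "pid", false}
}

func main() {
	// Resolve the current process against the real /proc (Linux only).
	fmt.Printf("%+v\n", ResolveProcess("/proc", os.Getpid()))
}
```

A caller would treat `Replaced == true` and the `cmdline` and `pid` sources as reasons to prompt rather than to apply a saved path rule automatically.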
Hello. I am noticing the same issue and it seems to be random as far as what sneaks through. It is catching a lot of system stuff fine (gnome, networkmonitor, pacman) but most user level apps are getting through (firefox, spotify, vlc, discord). I did a reboot and it picked up Firefox but it did not pick up Spotify or Discord or any other apps. Rebooted again and it did not pick up anything.
Anything I can do to help isolate the issue better? I am not a programmer but I love this software and want to be useful if there's a way for me to be so.
We have discussed in deep detail this problem here: https://github.com/gustavo-iniguez-goya/opensnitch/issues/84
Most of these errors should be fixed with latest packages, but we still have work to do: https://github.com/evilsocket/opensnitch/releases
There's a new check ([x] Intercept unknown connections); if you enable it, a pop-up will appear when a connection cannot be bound to a program.
Some applications bypass opensnitch like wget or transmission, while for firefox it works fine. It seems to be a major issue as of course no application should be able to bypass the tool