Add instructions for priority of rules

evilsocket / opensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

GNU General Public License v3.0

10.91k stars 509 forks source link

Add instructions for priority of rules #280

Closed medains closed 3 years ago

medains commented 5 years ago

Each connection will be filtered by one rule - the first match - it seems that the order of rules is based off the name of the rule.

So for example, if I had the following rules

Block some advertising domain
Allow port 80

If the port 80 rule had a name that sorted earlier than the blocking rule, then it would still permit http requests to the domain.

I can't be sure whether its the rule name or the filename of the rule that controls that ordering.

crabvk commented 4 years ago

Looks like rules order is based on filename order. I had to rename deny-any-google-analytics.json to 001-deny-any-google-analytics.json for it to take presedence over allow-simple-usrlibfirefox-developer-editionfirefox.json

gustavo-iniguez-goya commented 3 years ago

Hi!

With latest version you can prioritize rules as follow:

name the rule in alphabetical order.
check [x] Priority in the rules editor.

Please, close the issue if it works :)

gustavo-iniguez-goya commented 3 years ago

https://github.com/gustavo-iniguez-goya/opensnitch/wiki/Rules