evilsocket / opensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
GNU General Public License v3.0

[Verification] Opensnitch and other firewall software #369

Closed bitpixl closed 3 years ago

bitpixl commented 3 years ago

Hi,

I'm somewhat confused about Opensnitch only tracking outgoing connections, which is fine, as long as I'm able to use ... let's say gufw to configure incoming connections. Is this the case? Can they be used together? Should I configure gufw in a certain way so it doesn't interrupt Opensnitch?

Thank you in advance for explaining.

gustavo-iniguez-goya commented 3 years ago

Hi @bitpixl,

Yes, you can use gufw or other software to handle incoming connections. Just configure gufw normally. You can also use /etc/opensnitchd/system-fw.json to insert rules in any table or chain (no GUI yet, sorry), for example:

        {
            "Rule": {
                "Description": "Block input bad state",
                "Table": "filter",
                "Chain": "INPUT",
                "Parameters": "-p tcp -m conntrack --ctstate NEW -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN",
                "Target": "DROP",
                "TargetParameters": ""
            }
        }
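
What the rule in the comment above matches, as an added example that is not part of the original comment or of OpenSnitch's code: it parses the rule's `Parameters` string and evaluates the conntrack and `--tcp-flags` tests against constructed (flags, state) pairs. The function names and sample inputs are assumptions made for illustration, and the conntrack state is supplied by hand rather than computed.

```python
import json

# The rule from the comment above, embedded so the example runs offline.
RULE = json.loads("""{"Rule": {
    "Description": "Block input bad state",
    "Table": "filter",
    "Chain": "INPUT",
    "Parameters": "-p tcp -m conntrack --ctstate NEW -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN",
    "Target": "DROP",
    "TargetParameters": ""
}}""")["Rule"]

# TCP header flag bits.
TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def to_bits(names):
    """Turn a comma-separated flag list such as 'FIN,SYN' into a bitmask."""
    return sum(TCP_FLAGS[n] for n in set(names.split(",")))

def parse_match(parameters):
    """Extract (ctstates, mask, comp, negated) from the iptables parameter string."""
    tok = parameters.split()
    states = set(tok[tok.index("--ctstate") + 1].split(","))
    i = tok.index("--tcp-flags")
    negated = i > 0 and tok[i - 1] == "!"
    return states, to_bits(tok[i + 1]), to_bits(tok[i + 2]), negated

def rule_matches(parameters, packet_flags, ctstate):
    """True when a TCP packet with these flags and conntrack state hits the rule."""
    states, mask, comp, negated = parse_match(parameters)
    # --tcp-flags MASK COMP: of the flags in MASK, exactly those in COMP are set.
    flags_ok = (to_bits(packet_flags) & mask) == comp
    return ctstate in states and (flags_ok != negated)

# Constructed inputs: (flags set on the packet, conntrack state supplied by hand).
SAMPLES = [
    ("SYN", "NEW"),              # ordinary connection attempt
    ("ACK", "NEW"),              # NEW state without a SYN
    ("ACK,PSH", "NEW"),          # same, with data
    ("SYN,PSH", "NEW"),          # PSH is outside the mask, so it is ignored
    ("ACK,PSH", "ESTABLISHED"),  # traffic on a tracked connection
]

def verdicts():
    """Rule target for each sample that matches, 'continue' for the rest."""
    return [RULE["Target"] if rule_matches(RULE["Parameters"], f, s) else "continue"
            for f, s in SAMPLES]

if __name__ == "__main__":
    for (flags, state), verdict in zip(SAMPLES, verdicts()):
        print(f"{state:12} {flags:8} -> {verdict}")
```

Only packets in state NEW whose FIN/SYN/RST/ACK bits are anything other than SYN alone reach the `DROP` target; everything else falls through to the remaining INPUT rules, such as those gufw installs.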

bitpixl commented 3 years ago

Hi @gustavo-iniguez-goya,

thank you for the clarification and keep up the great work!