search

safing / portmaster

🏔 Love Freedom - ❌ Block Mass Surveillance
https://safing.io
GNU General Public License v3.0
9.32k stars 299 forks source link

Add data usage monitoring #151

Closed mirajus-salehin closed 1 year ago

mirajus-salehin commented 4 years ago

Portmaster is really a great piece of software. Does the all things that is advertised. It will be the ultimate tool if you consider to add the following features.

dhaavi commented 4 years ago

Before I respond to your points individually, I'd like to point you to our current progress page and our roadmap.

About the points you mentioned:

  • A visual way to represent the telemetries something like monitoring graph.

There is a lot more monitoring and graphs coming - we are currently working a completely fresh UI, which will include first bits of that.

  • Network data usage monitoring.

This will take a little more time to arrive, as there is some decent amount of technical background work to be done for that.

  • Alert if a new app tries to access the network.

This is a very interesting idea, and I will talk with my colleagures about that! Thank you very much for the inspiration!

Edited to add: Internally tracked at CC#2328.

ghost commented 4 years ago

@dhaavi This project is awesome, just came here from the very nice ad from Nick, the very nice Linux YouYuber's 'The Linux Experiment' channel! I'll watch this develop with great anticipation!

  • Network data usage monitoring.

This will take a little more time to arrive, as there is some decent amount of technical background work to be done for that.

Amazing if you can do this! This can help from a privacy perspective, to see just how much an app is connecting to a particular domain / IP / port, at least if you have allowed it to, and then even what time of the day or intervals it's doing it. Obviously graphs and diagrams ('Insights') giving you per-app/process stats and pattern monitoring is the holy grail. Take that, Facebook.

  • Alert if a new app tries to access the network.

This is a very interesting idea, and I will talk with my colleagures about that! Thank you very much for the inspiration!

If this is also about blocking by default and allowing user to temporarily or permanently 'allow/deny' an app (and then per domain/ip/port), well this is the whole 'Little Snitch' idea.

If you want to check out what AFAIK is the best GUI pop-up application firewall for Linux currently in active development, it's this newer fork of OpenSnitch.

dhaavi commented 3 years ago

We now have a first version of connection prompting in v0.6.0. The Portmaster should notify you of the update.

Graphs and insights will stake take a while. ;)

ghost commented 3 years ago

I've tested it in an Ubuntu 20.04 VM and it doesn't seem to work.

Hope that feedback is helpful. I realise it's still early times for this app. Happy to test further over time.

dhaavi commented 3 years ago

I've tested it in an Ubuntu 20.04 VM and it doesn't seem to work.

From the rest of the post I'm not sure if you are reporting a bug or just giving your thoughts on how the Portmaster works. If you are reporting a bug, please create a separate bug issue, as this will allow us to efficiently handle the issue.

  • After install dependencies and the DEB (and start and enable the service), the app never finishes downloading its interface. Even after a couple of reboots and about an hour of use, it seems it doesn't finish downloading all app UI elements. (Many question mark icons.)

The question marks are shown when the backend had a problem with identifying the name of an executable. I will take a look. If you want the progress tracked, please create a new issue.

  • I've tried different settings combinations in the app's deep settings and I did see a couple times a pop-up showed to block or allow a connection request, but most of the time didn't work. (Either just blocked by default or allow.) I understand it's an early feature needing a lot more testing (and feature addition such as interactive features of how long and exactly in what way to block or allow a detected connection).

Without knowing exactly which knobs you turned which way, I cannot give a useful answer to this.

  • Also, I'm not encouraged by the fact the app itself has to 'download stuff'.

The Portmaster is quite a complex system. Packing everything into one package is not possible and a waste of bandwidth. You can check the status of all resources in the version information segment on the settings page. I am happy to explain resources that are not clear what they do.

Apart from downloading resources from the update server, the Portmaster is fully self-sufficient and does not require nor use anything else in order to work. Except of course for the configured DNS servers.

Do you also collect telemetry?

No, we don't. We do plan to collect some telemetry in the future, but it will be opt-in and you'll be able to manually review every bit before submitting.

If so, that would be really, really bad - literally the opposite of why someone would use this app for their privacy.

We are fully aware of that. That is why we are being extra careful.

It should all be offline-level blocking functionality hard-coded into the source code.

It is. See comment above.

UI fanciness is nice, update checking is also nice, but this is a sensitive use case. Users should at least be able to block your Portmaster itself with some simple iptables/nftables/ufw hack, and yet Portmaster still works to block other apps/domains/IPs/ports/etc and do everything OpenSnitch can do (in terms of convenient UX).

That's the way it is. But you don't have to block it, you can just turn off features you don't want.

Hope that feedback is helpful. I realise it's still early times for this app. Happy to test further over time.

Great!

dhaavi commented 3 years ago

One more thing to add: The Portmaster is an alternative to Little/OpenSnitch, but in the sense that it is able to solve the same problem, but an alternative in the sense that it takes another approach. While it has the option for Allow/Block dialogs, we are building the Portmaster in a way that will make them obsolete for most of the use cases. Why? For most users, they are not effective - they just start clicking allow all the time because they get tired of it.

Taza53 commented 3 years ago

image increase spacing. if click to copy path could be added it would be helpful.

dhaavi commented 3 years ago

Hey @Taza53, thanks for the hints.

We already have tasks for both of these, but it might take a while until we get to them. The issue with the spacing is also part of the bigger issue of supported screen sizes, where we are still exploring possible ways to tackle this.

In order to help us to keep track of issues here on Github, please open a new issue whenever you feel it does not fit a current issue.

jaykhandelwal commented 2 years ago

Really waiting for this to be added, you guys can refer to GlassWire if you want, it has a great implementation of this feature. Also I see that your homepage https://safing.io/portmaster/ does not contain the keyword Firewall, its more of a trending buzzword and might help in getting this project more traction, after all Portmaster does fall under the umbrella of Firewall

yoshimo commented 2 years ago

Indeed Glasswire has some pretty nice graphs and charts about network traffic by port, by application, by protocol, by date, by protocol, upstream vs downstream and connected target host. These would be a great addition to portmaster.

dhaavi commented 2 years ago

Graphs are coming in the near-ish future, although not for data usage at first. ;)

itsnotsaved commented 2 years ago

A visual way to represent the telemetries something like monitoring graph.

Graph isn't important to me like data and lot of network analysis tools have graphs

Network data usage monitoring.

It should display per app[1], per domain[2], per IP [3] basis. We must have option to view them under different timeframes otherwise difficult to read and recognize unknown/suspicious connections or collect domain for analysis purposes, blocking etc.

e.g. view for last 5 min, 1hr, 24hr. or specific time range e.g. from 5am to 8am e.g. view for specific days range, from 15 Apr to 18 Apr, Jan - June

See usage field in Glasswire (already possible to view as it)

Edit: Above i explained about viewing network activity history (domains/IP connectivity) as well. that's kind of couple feature, activities and usage (MB / GB). you can see it from above software

Alert if a new app tries to access the network.

And portmaster need alert when existing app file modified by update etc (e.g. can display with new version number or as new software). Again, Glasswire already function as it. I believe this help to detect remote access tools (malicious programs and data gathering tools)

Several users have mention about that software above and i thought to point mentioned important features and how works

Edit: two samples ("Usage" page | single page - everything) image d69394ed5f20888da6963d43f57e86fb4f93a44b

dhaavi commented 2 years ago

Hey @itsnotsaved, thanks for the great feedback and ideas!

We will take that into account when starting with this feature.

We are currently reworking the Network Monitor, which will lay the groundwork for so much more to come and will help us also build this feature.

davegson commented 2 years ago

Hey there, I just removed your last suggestion:

Alert if a new app tries to access the network.

as this has its own suggestion now: https://github.com/safing/portmaster/issues/624

just to keep things concise

Rexadev commented 2 years ago

Show realtime download/upload speed of apps

solomonrajan commented 1 year ago

Can we expect soon?

dhaavi commented 1 year ago

Portmaster can now show received and sent data.

More visuals are coming soon.