Releases: gustavo-iniguez-goya/opensnitch
v1.3.0-rc.2
!!! README !!!
From v1.3.0 on all the releases are published on the original repo:
https://github.com/evilsocket/opensnitch/releases
Bug fixes pre-release
GUI
- 0b85f6b pop-ups: improved connections visualizing
- f9d9af9 replaced deprecated tostring() by tobytes() (caused errors with python3.9)
daemon
v1.3.0-rc.1
New features
-
Process details dialog:
Now from the Processes tab, after clicking on a process you can click on an icon to view details of a process.
You can monitor memory mapped files, opened files/sockets and memory consumption among other things. -
System rules:
There's a new configuration file/etc/opensnitchd/system-fw.jsonwhere you can configure system rules to block or allow connections.
More information: https://github.com/gustavo-iniguez-goya/opensnitch/wiki/System-rules
Fixes
c1e8bc3 netlink: de/serialize ipv6
c969e79 ui: fallback to Qt built-in icons if no valid icon theme configured
v1.2.0
WARNING:
The configuration file /etc/opensnitchd/default-config.json has new fields. .If you're upgrading opensnitch and you have modified it, you must replace the one you have installed with the one shipped with the packages (apt will ask you to do it).
Changes made to that file will be overwritten after installation.
Highlights
- Rules are case-insensitive by default. (see #45)
- Rules are sorted alphabetically. (see #36)
- Allow to prioritize rules. (see #36 )
- Connections can be filtered by protocols.
ftraceinterception method works again (it seems to have a descriptors leak bug though).- You can configure on the daemon (
default-config.json) and from the UI the address of the server (UI) and the log file. - Set pop-ups Default Timeout to 0 to disable connections pop-ups. It'll apply the Default Action configured.
UI
907e738 ui: configure Server Address and LogFile from the GUI
832f4fd ui: allow to clear stats in all tabs
9aa100f ui: improved showing/hiding stats window
6522a94 ui: make pop-up dialogs optionals
1c3a9d1 ui: fixed viewing stats of a node
1f6a2db ui,pop-ups: don't set the focus on the action buttons
7deb2f3 ui: fixed python3 system libs path on OpenSuse
e919bd5 ui: refresh rules list after rules deletion
d3d8aa9 ui: set an alternative theme if the default one fails or if there's none configured
Daemon
aad69e9 close log file handles when applying a configuration change
0d1e9f5 set server address and log file from the default config
e625b93 fixed switching between process monitor methods
5990560 fix a deadlock and race condition checking monitor method
ab46cca added priority and case-sensitive rules, fixes
820a6f2 added option to set priority on the rules
c2ee610 sort rules by name
4949ab1 allow to filter connections by protocol
d6cf18e show domain name when establishing a new connection
bc70423 make rules case-insensitive by default
08abdd0 go.mod: add netns as indirect dependency for netlink
Packaging
5e5a586 ui: improved GUI deb packages (allow non-interactive installations)
bc26ca4 ui deb pkg: improved post install
a7f470e daemon deb: Added support for sysvinit based systems
Thank you for all the errors and suggestions reported!
v1.0.1
GUI and daemon fixes.
UI
- Fixed crash when clicking on some columns of the General tab.
#38 (comment) - Display the popup dialog to allow/deny connections on the active desktop workspace (#43).
- Added full destination host to the popup combo boxes (#48).
- Shorten autogenerated rules names (#37)
daemon
- Do not stop working if the system does not support IPv6 protocol (#52).
- Close NFQUEUE gracefully, which releases resources and in some cases helps to not leak NFQUEUE queues(#41, b547067).
- Intercept RELATED packages, which seems to help to resolve connections PIDs in some scenarios (re/connecting to WIFI networks for example 08245a0, #10).
UI important note:
- Be sure to uninstall any previous installation of the original repo you may have, specially under /usr/local/lib/python*
- Install it from command line.
- Before reporting an issue, or if you experience any error:
https://github.com/gustavo-iniguez-goya/opensnitch/wiki/Known-problems#GUI-crash-exception-or-does-not-show-up
v1.0.0
v1.0.0
v1.0.0rc11
Bug fix release. Working towards version 1.0.0.
Important known problem
Incompatbility with kernel parameter slub_debug=FPZ (usually added as part of kernel hardening options). See #41.
If you have that parameter, you may have kernel panics.
Relevant changes
daemon
2522b8e fixed CWD parsing when using audit proc monitor method
6d24c54 fixed race conditions when manipulating rules
fc2212f return better errors if a regexp rule fails to compile
cfc32cb fixed race condition when deleting a rule
b03bbf0 fixed race conditions setting log level and monitor methods
UI
de00e89 UI: set pop-up action buttons focus
db02c4a UI: improved general tab fields filtering
0af606d UI: fixed columns sorting after restoring settings
fe63988 UI: save settings on hiding stats window
3011d9f UI: show/hide stats window by clicking on the systray icon
73eb5b6 UI: display process path if it's hidden
0c64080 UI: added CWD field.
c8b1722 UI: reset rule name when creating a new one
v1.0.0rc10-2
UI package updated. Fixes a crash when selecting a user in the User tabs.
v1.0.0rc10
A bug fix release. Thanks to Ph0rk0z, metal450, Pain-Patate, etc.. for reporting bugs and suggestions.
UI important note:
- Be sure to uninstall any previous installation of the original repo you may have, specially under /usr/local/lib/python*
- No systray icon on latest gnome-shell version.
- If it fails to install, try installing grpcio-utils manually: pip3 install grpcio-utils
- If you use LinuxMint 19.x you may need to install g++, python3-dev and python3-wheel for the UI to work.
Before reporting an issue, or if you experience any error:
https://github.com/gustavo-iniguez-goya/opensnitch/wiki/FAQs-and-common-errors
And check the existing issues (open and closed)
Relevant changes
daemon
cfc32cb fixed race condition when deleting a rule
b03bbf0 fixed race conditions setting log level and monitor methods
506b9b6 fixed daemon running with old libnetfilter_queue libs
a1bba4d send on new connection CWD and environment vars of the process
78c0da8 increase default timeout to ask for a rule
36a11b4 don't configure log level if the item does not exist in the config
6c9d9b2 added default log level to default conf
558e511 delete rules by its name without deserializing
cb4b62f Improved process path parsing (with spaces)
1331bcb Reload config after changing it from the UI.
UI
970d04f UI: added help menu to rules editor dialog
10f74b9 UI: save nodes columns size
36dd601 UI: fixed events limit on General tab
a9e6220 UI: allow to resize rules table columns and remember position
12d62f5 UI: revert main columns autosizing, allow to restore defined size
301e3db UI: improved pop-up dialog widgets resizing
374c5e2 UI: fixed pop-up dialog settings
3df6783 UI: changed Action combo by 2 buttons, CWD label
53d4959 UI: refresh rules list after deleting a rule.
61a65a3 UI: fixed high cpu usage while notification is shown
59c8a01 UI: fixed columns sort order
08cfd64 UI: allow to delete rules in batch
8cd4187 UI: fixed back icon
41b6020 UI: allow to filter data in all tabs
v1.0.0rc9
Finally we've added a rules editor, to edit or add rules from the UI. You can select multiple fields to filter, and use regular expressions to match connections/processes.
You can also manage the rules from the Rules tab (edit/delete/view connections).
UI important note:
- Be sure to uninstall any previous installation of the original repo you may have, specially under /usr/local/lib/python*
- No systray icon on latest gnome-shell version.
- If it fails to install, try installing
grpcio-utilsmanually:pip3 install grpcio-utils - If you use LinuxMint 19.x you may need to install
g++,python3-devandpython3-wheelfor the UI to work.
Before reporting an issue, or if you experience any error:
https://github.com/gustavo-iniguez-goya/opensnitch/wiki/FAQs-and-common-errors
And check the existing issues (open and closed)
Relevant changes
Daemon
061d7a2 ignore malformed rules
8569962 Added logic to handle changes/notifications from the GUI.
d8b2f41 Apply default action if a rule is disabled.
UI
1101c1e UI: allow to configure max allowed clients.
74fe3b8 UI: kill any running instance of the UI after login in
53aa721 UI: added dialog to add/modify rules from the UI
v1.0.0rc8
The main change of this release is the ability to change settings from the UI, besides performance improvements and the new node views.
UI important note:
- Be sure to uninstall any previous installation of the original repo you may have, specially under /usr/local/lib/python*
- No systray icon on latest gnome-shell version.
- If it fails to install, try installing grpcio-utils manually:
pip3 install grpcio-utils
Before reporting an issue, or if you experience any error:
https://github.com/gustavo-iniguez-goya/opensnitch/wiki/FAQs-and-common-errors
And check the existing issues (open and closed)
Relevant changes
UI
f1fd7a0 UI: improved details views, added PID field
039a393 UI: fixed race condition, improved UI performance
dac78eb UI: improve db thread locking
7ef2c1a UI: add nodes view
66bc1b1 UI: remove unused imports and instances
cf6d923 UI: fixed displaying remote statistics
2cd18f3 UI: add missing config fields if the don't exist
c444d5f UI: fixed default duration on prompt dialog
3b842a1 UI: allow to change daemon and UI options from the UI
77dddca UI: allow to resolve app icons from local and remote nodes
daemon
83ffaaa decrease log level of denied connections
6ee80b1 Allow to change settings from the UI