Releases: evilsocket/opensnitch
v1.6.6
Bug fixes
- fixed exporting/importing rules(1ec8a02, 0fc4239, 7519db7, #1140)
- [daemon] Remove duplicate regex in system.go for -check-requirements (496e905, by @redanaheim )
- [GUI] keep working if pyinotify fails loading (94e8156, #1132)
What has changed
Improvements
- allow to easily configure rules without the GUI (fe66f9a, #1047)
- [daemon][eBPF] performance improvement handling exit events (15fcf67)
- [daemon][eBPF] disable events on too many errors (8895d6f, #1099 #1082)
- [daemon] added more kernel config paths for checking system requirements (93a3fb7, #1117)
- [GUI] improved authentication options (ff407e7, c540975)
- [GUI] improve wording (7653a0a, by @ponychicken)
- [GUI] ignore SameFile error when enabling autostart (03439f4)
New features
- [GUI] added Reject to the list of DefaultAction(s) (91190c8, #1108)
- [GUI] allow to configure screen/themes scale factor (362c0da)
Known bugs
- DNS eBPF module does not work on armhf and i386 arquitectures (not tested with modern kernels 6.x). See the commits for more info and if you can help don't hesitate to open a PR or drop a comment :) c514946 , 9a6dfe7
- opensnitch-procs eBPF module behaves a bit erratic on arm64 architecture (not new of this release) - d2d89e2
Full Changelog: v1.6.5...v1.6.6
Downloads
You need to download the daemon and the GUI.
daemon
(NOTE: if the daemon doesn't autostart, enable it: ~ $ sudo systemctl enable --now opensnitch.service
)
Other arquitectures
GUI
IMPORTANT NOTES:
Ubuntu 22.04 / PopOS! 22.x / LinuxMint 21.x / Elementary OS 7.x / Zorin users: See this comment after installing the GUI: #647 (comment))
If you experience crashes on Wayland clicking on the pop-ups: launch the GUI as follow:
~ $ QT_QPA_PLATFORM=xcb opensnitch-ui
If the above packages complain about dependencies...
please, ask on the Discussion forum to generate packages for old distributions, specifying your distribution and kernel.v1.6.5.1
- Fixed bug when using the GUI with multiple remote nodes. #1093
Full Changelog: v1.6.5...v1.6.5.1
v1.6.5
Note: if you're using the GUI with multiple remote nodes, use these GUI packages https://github.com/evilsocket/opensnitch/releases/tag/v1.6.5.1
Bug fixes
- [daemon] Fixed segfault on exit #919 , 24fd94c
- [daemon] Fixed DNS uprobes 5d33f41
- [GUI] Fixed adding rules to the db from context menu #1027 , ec3f515
What has changed
Improvements
- [daemon] Strings concatenation improvements (reduces mem usage, notably) b9ec524
- [daemon] Stop established connections monitor after n errors (not to waste resources) 871238e
- [daemon] Clean DNS eBPF hooks on exit , da99686
New features
- [daemon] Allow to configure the path of rules directory (#449, 6bd1fe8), config file (from cli) and eBPF modules (#928 5c6da0a)
- [GUI] allow to configure refresh interval (#1073 , 435dffc)
Known bugs
- DNS eBPF module does not work on armhf and i386 arquitectures. See the commits for more info and if you can help don't hesitate to open a PR or drop a comment :) c514946 , 9a6dfe7
- opensnitch-procs eBPF module behaves a bit erratic on arm64 architecture (not new of this release) - d2d89e2
- GUI crash when a pop-up is triggered from a node installed on a remote machine (#1093 , vill be fixed ASAP. Local nodes not affected)
Full Changelog: v1.6.4...v1.6.5
Downloads
You need to download the daemon and the GUI.
daemon
(NOTE: if the daemon doesn't autostart, enable it: ~ $ sudo systemctl enable --now opensnitch.service
)
Other arquitectures
GUI
IMPORTANT NOTES:
Ubuntu 22.04 / PopOS! 22.x / LinuxMint 21.x users: See this comment after installing the GUI: #647 (comment))
If you experience crashes on Wayland clicking on the pop-ups: launch the GUI as follow:
~ $ QT_QPA_PLATFORM=xcb opensnitch-ui
If the above packages complain about dependencies...
please, ask on the Discussion forum to generate packages for old distributions, specifying your distribution and kernel.v1.6.4
GUI bug fix release.
Bug fixes
What's Changed
- Allow to delete events from the in-memory database: #1030 , bcbfe3b
- Improved views behaviour: #1037, d1ac73c
- Restrict reading from the unix socket to the user who launched the GUI: f29e6dc
Full Changelog: v1.6.3...v1.6.4
Downloads
You need to download the daemon and the GUI.
daemon
(NOTE: if the daemon doesn't autostart, enable it: ~ $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch
)
Other arquitectures
GUI
IMPORTANT NOTES:
Ubuntu 22.04 / PopOS! 22.x / LinuxMint 21.x users: See this comment after installing the GUI: #647 (comment))
If you experience crashes on Wayland clicking on the pop-ups: launch the GUI as follow:
~ $ QT_QPA_PLATFORM=xcb opensnitch-ui
If the above packages complain about dependencies...
please, ask on the Discussion forum to generate packages for old distributions, specifying your distribution and kernel.v1.6.3
Only GUI packages updated.
Bug fix
- Fixed error when setting DefaultAction to the daemon after connect to the GUI (#1017).
What's Changed
- Introduce Sqlite WAL journal mode by @lainedfles in #1011
Full Changelog: v1.6.2...v1.6.3
Downloads
Packages signed with the following GPG key: F34016AC014BAAF8C90AC730141D0D4E9FF44A67
daemon
(NOTE: if the daemon doesn't autostart, enable it: ~ $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch
)
Other arquitectures
GUI
IMPORTANT NOTES:
Ubuntu 22.04 / PopOS! 22.x / LinuxMint 21.x users: See this comment after installing the GUI: #647 (comment))
If you experience crashes clicking on the pop-ups: launch the GUI as follow:
~ $ QT_QPA_PLATFORM=xcb opensnitch-ui
(If the above packages complain about dependencies, use these ones)
- deb - for old distributions (Ubuntu <= 18.04)
- rpm - for old distributions (Fedora < 29)
v1.6.2
[updated 07/10/2023]
readme.txt.asc updated to reflect the correct checksums. The .deb/.rpm files are signed individually after being built, thus the checksums changes.
[updated 29/11/2023]
readme.txt.asc and rpm packages resigned with the proper key (#1067).
What's New
- GUI: Added "Created" column to the list of rules.
- GUI: Allow to configure nodes TLS options from the GUI.
Bugs fixed
- GUI: Fixed errors upgrading DB from previous versions (> v1.5.x) (#988)
Full Changelog: v1.6.1...v1.6.2
Downloads
Packages signed with the following GPG key: F34016AC014BAAF8C90AC730141D0D4E9FF44A67
daemon
(NOTE: if the daemon doesn't autostart, enable it: ~ $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch
)
Other arquitectures
GUI
IMPORTANT NOTES:
Ubuntu 22.04 / PopOS! 22.x / LinuxMint 21.x users: See this comment after installing the GUI: #647 (comment))
If you experience crashes clicking on the pop-ups: launch the GUI as follow:
~ $ QT_QPA_PLATFORM=xcb opensnitch-ui
(If the above packages complain about dependencies, use these ones)
- deb - for old distributions (Ubuntu <= 18.04)
- rpm - for old distributions (Fedora < 29)
v1.6.1
NEWS: Configuration changes
The configuration files default-config.json
and system-fw.json
have been updated to add new items/options.
When installing the deb packages, apt will prompt you to allow the new versions, or keep the ones you already have.
None of the new changes are mandatory, so you don't need to update them. But please, review the changes, and decide if apply them.
What's New
- Added support to secure communications between the daemon and the GUI with SSL certificates (12b4cf3)
More info: https://github.com/evilsocket/opensnitch/wiki/Nodes-authentication#nodes-authentication-added-in-v161
TODO (WIP): Configure daemon auth options from the GUI. - System fw: report any error when applying rules (8740755)
- Rules to intercept outbound connections changed (e090833, 26b8415)
Discussion with the details: #995
What's Changed
- Allow to configure GUI autostart option by @munix9 in #964
- Allow starting the GUI in background when the systray not available by @WojtekWidomski in #975
- Dinit service file by @jackffmm in #969
- Use temporary files instead of piping in ebpf Makefile by @nnsee in #985
- i18n: update Brazilian Portuguese translation by @tioguda in #974
- Add basic Traditional Chinese locale by @PeterDaveHello in #997
- Better errors when the eBPF modules fail loading (662cd2e)
Full Changelog: v1.6.0...v1.6.1
New Contributors
- @munix9 made their first contribution in #964
- @jackffmm made their first contribution in #969
- @WojtekWidomski made their first contribution in #975
- @PeterDaveHello made their first contribution in #997
Known bugs 🐞
- Ubuntu 22.04, 22.10 / LinuxMint 21.x / Pop!_OS 22.04 LTS users: See this comment after installing the GUI: #647 (comment))
Downloads
Packages signed with the following GPG key: F34016AC014BAAF8C90AC730141D0D4E9FF44A67
daemon
(NOTE: if the daemon doesn't autostart, enable it: ~ $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch
)
Other arquitectures
GUI
IMPORTANT NOTES:
Ubuntu 22.04 / LinuxMint 21.x users: See this comment after installing the GUI: #647 (comment))
If you experience crashes clicking on the pop-ups: launch the GUI as follow:
~ $ QT_QPA_PLATFORM=xcb opensnitch-ui
(If the above packages complain about dependencies, use these ones)
- deb - for old distributions (Ubuntu <= 18.04)
- rpm - for old distributions (Fedora < 29)
v1.6.0
What's new
- Added option to manage system firewall rules and policies from the GUI: https://github.com/evilsocket/opensnitch/wiki/System-rules
- Added option to integrate the daemon with SIEM systems: https://github.com/evilsocket/opensnitch/wiki/SIEM-integration
- Better and more reliable way of obtaining processes' names, paths and application icons.
- Better integration with system's stub resolvers/DNS client libraries.
- New rules filtering options: filter connections by more protocols, network interface, source port/ip, etc.
- Allow to export and import rules from the GUI.
What's Changed
- Better integration with Desktop Environments.
- Better nodes management.
- A lot of bugs fixed, and some new added (yet to be discovered).
For a more complete list of all the changes see the the v1.6.0-rc release series: https://github.com/evilsocket/opensnitch/releases
Known bugs
- Ubuntu 22.04, 22.10 / LinuxMint 21.x users: See this comment after installing the GUI: #647 (comment))
Downloads
Packages signed with the following GPG key: F34016AC014BAAF8C90AC730141D0D4E9FF44A67
daemon
(NOTE: if the daemon doesn't autostart, enable it: $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch
)
Other arquitectures
GUI
IMPORTANT NOTES:
Ubuntu 22.04 / LinuxMint 21.x users: See this comment after installing the GUI: #647 (comment))
If you experience crashes clicking on the pop-ups: launch the GUI as follow:
$ QT_QPA_PLATFORM=xcb opensnitch-ui
(If the above packages complain about dependencies, use these ones)
- deb - for old distributions (Ubuntu <= 18.04)
- rpm - for old distributions (Fedora < 29)
New Contributors since v1.5.2
- @staticssleever668 made their first contribution in #608
- @markozajc made their first contribution in #610
- @calesanz made their first contribution in #582
- @cinerea0 made their first contribution in #625
- @JeremyMahieu made their first contribution in #666
- @nberlee made their first contribution in #684
- @0xphk made their first contribution in #740
- @szimszon made their first contribution in #769
- @craftyguy made their first contribution in #780
- @JohnBlood made their first contribution in #802
- @SpencerIsGiddy made their first contribution in #827
- @Timur13240 made their first contribution in #842
- @psydbernz made their first contribution in #869
- @NRGLine4Sec made their first contribution in #870
- @154pinkchairs made their first contribution in #900
- @davide125 made their first contribution in #943
- @lahdekorpi made their first contribution in #948
- @lainedfles made their first contribution in #958
Full Changelog: v1.5.2...v1.6.0
v1.6.0-rc.5
NOTE: this version is still WIP, so be aware that it may contain bugs. If you install it, we would greatly appreciate it if you could report any issues you encounter to help us improve the software. Your feedback is invaluable !
What's new
- Allow to apply and preview themes without restarting the GUI. afc3fb8
- Added Quit menu to close the GUI. 4cf41cc
- Added option to colorize rows. cba52cf
- New Norwegian language thanks to Petter Reinholdtsen. 846b1c5
- Better integration with software centers and Desktop Environments thanks to Petter Reinholdtsen. 156e936 2c9da76 c4a9a98
What's Changed
-
Fixed error adding interception rules on old kernels (4.x). 9dfcca2
-
Several translations updated.
-
Added publication by @JohnBlood in #802
-
Added copyright and license header to daemon/main.go and ui/bin/opensnitch-ui. by @petterreinholdtsen in #817
-
Upgrade chameleons url to https by @giddygoatgaming in #827
-
Bump workflow actions by @giddygoatgaming in #828
-
Remove unused parameters by @giddygoatgaming in #829
-
Replace docs link in opensnitchd.service by @Timur13240 in #842
New Contributors
- @JohnBlood made their first contribution in #802
- @giddygoatgaming made their first contribution in #827
- @Timur13240 made their first contribution in #842
- @petterreinholdtsen Petter Reinholdtsen in #817
Full Changelog: v1.6.0-rc.4...v1.6.0-rc.5
Downloads
Packages signed with a new key: https://keyserver.ubuntu.com/pks/lookup?search=F34016AC014BAAF8C90AC730141D0D4E9FF44A67&fingerprint=on&op=index
(use dpkg-sig -k ... *.deb
to verify deb signatures.)
daemon
(NOTE: if the daemon doesn't autostart, enable it: $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch
)
Other arquitectures
GUI
IMPORTANT NOTES:
- Ubuntu 22.04 users: See this comment 👉 after installing the GUI: #647 (comment))
- If you experience crashes on Wayland 👉 launch the GUI as follow:
$ QT_QPA_PLATFORM=xcb opensnitch-ui
(If the above packages complain about dependencies, use these ones)
- deb - for old distributions (Ubuntu <= 18.04)
- rpm - for old distributions (Fedora < 29)
v1.6.0-rc.4
NOTE: this version is still WIP, so be aware that it may contain bugs. If you install it, we would greatly appreciate it if you could report any issues you encounter to help us improve the software. Your feedback is invaluable !
What's new
- Added initial support for ICMP and SCTP (#714) (Note: We still need to add it to eBPF).
- Added the ability to manage nodes individually, including options to export/import rules, stop/start daemon and delete a node.
- Added options to export / import rules (#326 #746)
- Added options to copy rules to the clipboard.
What's Changed
Many GUI improvements:
-
Now the views are only refreshed when the scrollbar is at the top or bottom of the view, or while scrolling up/down.
-
Rows selection is preserved when scrolling/refreshing the views, making it easier to analyze logs (somehow restoring the old good behaviour added by themighty1 that we lost some time ago).
-
CTRL-C now copies all the rows (with filters applied) if they're selected with CTRL+A.
-
All columns of the Events view are clickable.
-
daemon/Makefile: improvements to make distro packaging easier by @craftyguy in #780
Bug fixes
- nftables:
- GUI: mostly fixes related to firewall dialogs and nodes. Also fixed some regressions.
New Contributors
- @craftyguy made their first contribution in #780
Special thanks
To all of you who have reported bugs.
Full Changelog: v1.6.0-rc.3...v1.6.0-rc.4
Downloads
daemon
(NOTE: if the daemon doesn't autostart, enable it: $ sudo systemctl enable opensnitch; sudo systemctl start opensnitch
)
Other arquitectures
GUI
IMPORTANT NOTES:
-
Ubuntu 22.04 users: See this comment after installing the GUI: #647 (comment))
-
If you experience crashes clicking on the pop-ups: launch the GUI as follow:
$ QT_QPA_PLATFORM=xcb opensnitch-ui
(If the above packages complain about dependencies, use these ones)
- deb - for old distributions (Ubuntu <= 18.04)
- rpm - for old distributions (Fedora < 29)