I'm genuinely surprised there doesn't appear to be a Linux equivalent of Little Snitch for macOS. It's an application firewall that alerts the user when an application makes an outbound network connection and gives the user the ability to allow or deny the connection based on domain, port, duration, and more.
OpenSnitch was supposed to work like this, but it's been discontinued.
Is anyone aware of other projects?

The use case is:
Some applications I trust more than others. I want to restrict network communications specifically for the apps I don't trust.
The Linux firewall ecosystem seems to operate under the assumption that if the user opens a port, they are consenting to all programs having equal access to send traffic over that port. I don't. I want to allow my web browser and a select few others to allow outbound 443, for instance. I don't want to open 443 outbound for all apps on the system.

@unl0ckd ufw or gufw for graphical version can do some of this. I have mine set to allow ssh from only specific ips.

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.