Looking for Application-level firewall for Linux (which should be the standard and come out of the box already, if you ask me)

Anybody had any luck with Douane? Where do I find packages?



@drq, after a brief look at the kernel module, I suggest you do not use it :)

Application-level firewall for GNU/Linux is one of the projects in my long TODO-list, by the way. I've already designed architecture (KISS as usual), but haven't found time to implement it yet.

So far you can use github.com/jollheef/appvm, there's an option to run application offline, e.g.: `appvm start evince --offline`.

@dump_stack cool, but I was looking for something like Little Snitch, which will catch everything leaving my system

@drq, yes, Little Snitch rocks. Unfortunately, I haven't found useful any implementations for GNU/Linux.

Without improvements of user-space integrity checks, all that stuff is useless, because if you're able to just replace binary at the path with your own then... you know.

Sign in to participate in the conversation

lor.sh is yet another mastodon instance.