Open Snitch Firewall for Linux

0
2536

Linux is a very powerful operating system, no doubt. There are tons of customizability and administrative power over the default system. In fact, anyone can tweak the system to the best possible environment one prefers. In the arsenal of all the tools, the firewall is a very important one.

However, the default firewall present in almost all the Linux distros is pretty barebones and hard to manage. That’s not any type of problem for an advanced and experienced user, but this doesn’t appeal the slightest bit to new Linux users or every day general users. Even I find it difficult to navigate through firewall rules and managing them properly.

That’s why there are the GUI tools that can make the task a lot easier. With a clean interface and easy functions, you can manage your internet connection at your own will. Today, we’ll be doing that with the help of Open Snitch – a GUI firewall program for Linux.

Preparing system

Open Snitch has to be built from source. That won’t be an issue. Just follow the steps and everything should be fine. This program is built using the Go language, that’s why we’re going to install that first.

At first, let’s take backup of the file edits, in case of any problem.

cd ~/
cp .bash_profile ~/Documents
mv ~/Documents/.bash_profile ~/Documents/.bash_profile-backup

Run this command for editing “.bash_profile” file:

sudo nano ~/.bash_profile

At the end of the file, add the following lines:

export GOPATH=$HOME/go
export GOBIN=$HOME/go/bin

Close the editor by pressing “Ctrl + X”. When prompted, choose to save and use the default file name. Then, reload the file into system.

Download the latest version of Go from Google. At present, the latest version is go1.10.3.

For Debian/Ubuntu users, you can easily install it using a single command line.

sudo apt install golang-go python3-pip python3-setuptools protobuf-compiler libpcap-dev libnetfilter-queue-dev python-pyqt5 pyqt5-dev pyqt5-dev-tools git

Open Snitch devs only specify dependencies for Debian/Ubuntu, but for other Linux distros, you have to check out all of them by yourself. These should be available on your distro’s official repository. For installing Go, run the following commands:

wget https://dl.google.com/go/go1.10.3.linux-amd64.tar.gz
sudo tar -C /usr/local -xvzf go1.10.3.linux-amd64.tar.gz
nano ~/.bash_profile

# Add the following lines in the file
export GOROOT=/usr/local/go

# Reload the file in system
source ~/.bash_profile

Downloading and installing Open Snitch

After everything is good to go, run the following commands for getting 2 important dependencies for the firewall program.

go get github.com/golang/protobuf/protoc-gen-go
go get -u github.com/golang/dep/cmd/dep

Then, grab the Python related dependencies for Open Snitch.

python3 -m pip install --user grpcio-tool

Clone the source code of Open Snitch:

go get github.com/evilsocket/opensnitch

If you face error like Go “there are no files”, move working folder to the appropriate directory with the following command:

cd $GOPATH/src/github.com/evilsocket/opensnitch

Build the program:

make
sudo make install

Install the app daemons:

sudo systemctl enable opensnitchd
sudo systemctl start opensnitchd

Now, Open Snitch should be available through your distro’s launcher. If you didn’t find it, you can run it with the following command:

Using Open Snitch

Just keep the firewall running and you’ll get notifications on what apps are doing what things. You can easily make sure that apps are behaving according to your own needs. If you’re an advanced user and wish to try out the classic Linux firewall, check out iptables.

LEAVE A REPLY

Please enter your comment!
Please enter your name here