Linux is a very powerful operating system, no doubt. There are tons of customizability and administrative power over the default system. In fact, anyone can tweak the system to the best possible environment one prefers. In the arsenal of all the tools, the firewall is a very important one.
However, the default firewall present in almost all the Linux distros is pretty barebones and hard to manage. That’s not any type of problem for an advanced and experienced user, but this doesn’t appeal the slightest bit to new Linux users or every day general users. Even I find it difficult to navigate through firewall rules and managing them properly.
That’s why there are the GUI tools that can make the task a lot easier. With a clean interface and easy functions, you can manage your internet connection at your own will. Today, we’ll be doing that with the help of Open Snitch – a GUI firewall program for Linux.
Preparing system
Open Snitch has to be built from source. That won’t be an issue. Just follow the steps and everything should be fine. This program is built using the Go language, that’s why we’re going to install that first.
At first, let’s take backup of the file edits, in case of any problem.
cd ~/ cp .bash_profile ~/Documents mv ~/Documents/.bash_profile ~/Documents/.bash_profile-backup
Run this command for editing “.bash_profile” file:
sudo nano ~/.bash_profile
At the end of the file, add the following lines:
export GOPATH=$HOME/go export GOBIN=$HOME/go/bin
Close the editor by pressing “Ctrl + X”. When prompted, choose to save and use the default file name. Then, reload the file into system.
Download the latest version of Go from Google. At present, the latest version is go1.10.3.
For Debian/Ubuntu users, you can easily install it using a single command line.
sudo apt install golang-go python3-pip python3-setuptools protobuf-compiler libpcap-dev libnetfilter-queue-dev python-pyqt5 pyqt5-dev pyqt5-dev-tools git
Open Snitch devs only specify dependencies for Debian/Ubuntu, but for other Linux distros, you have to check out all of them by yourself. These should be available on your distro’s official repository. For installing Go, run the following commands:
wget https://dl.google.com/go/go1.10.3.linux-amd64.tar.gz sudo tar -C /usr/local -xvzf go1.10.3.linux-amd64.tar.gz nano ~/.bash_profile # Add the following lines in the file export GOROOT=/usr/local/go # Reload the file in system source ~/.bash_profile
Downloading and installing Open Snitch
After everything is good to go, run the following commands for getting 2 important dependencies for the firewall program.
go get github.com/golang/protobuf/protoc-gen-go go get -u github.com/golang/dep/cmd/dep
Then, grab the Python related dependencies for Open Snitch.
python3 -m pip install --user grpcio-tool
Clone the source code of Open Snitch:
go get github.com/evilsocket/opensnitch
If you face error like Go “there are no files”, move working folder to the appropriate directory with the following command:
cd $GOPATH/src/github.com/evilsocket/opensnitch
Build the program:
make sudo make install
Install the app daemons:
sudo systemctl enable opensnitchd sudo systemctl start opensnitchd
Now, Open Snitch should be available through your distro’s launcher. If you didn’t find it, you can run it with the following command:
Using Open Snitch
Just keep the firewall running and you’ll get notifications on what apps are doing what things. You can easily make sure that apps are behaving according to your own needs. If you’re an advanced user and wish to try out the classic Linux firewall, check out iptables.