Package OpenSnitch
Open, HighPublic

Description

While it is a relatively new (they say alpha-quality) package, the OpenSnitch software suite (https://github.com/evilsocket/opensnitch) offers some value from a security standpoint, by presenting the user with notifications when applications try to make outbound connection requests.

I'd like to suggest we package this for PureOS (with the ultimate goal of upstreaming the project) so we can evaluate whether we'd like to enable something like this by default for users.

I strongly suggest this as well. LittleSnitch, a similar program that has been around for over a decade, is the first thing I install (and recommend others install) when I work with a new OS X instance.

chris.lamb added a subscriber: chris.lamb.EditedAug 12 2018, 10:32 AM

The first step here would be to getting it into Debian. I can handle this if you like; please assign me the ticket.

the ultimate goal of upstreaming the project

Not sure what you mean by this?

(See also: https://github.com/evilsocket/opensnitch/issues/86)

Wayne added a subscriber: Wayne.Aug 12 2018, 12:43 PM

Sorry, by "upstreaming" I meant "get packaged into Debian." At the time I wrote this in February I was hoping we could get this into PureOS relatively quickly and had assumed that getting this packaged into PureOS would be faster than into Debian so I wanted to do the fast thing first if it was indeed faster.

assumed that getting this packaged into PureOS would be faster than into Debian

It might be a day-or-so faster but there are significant negatives to doing it that way, so not a net win just save 24h. ACK your assignment of this issue..

This will also require the packaging of (at least) the grpcio-tools Python package.

And possibly some extra golang packages... :)

chris.lamb triaged this task as "High" priority.Aug 18 2018, 4:46 PM
chris.lamb changed the title from "Package OpenSnitch in PureOS" to "Package OpenSnitch".

Also working on grpcio module packaging in the Python Modules team.

(Also needs python3-grpc package in Debian)

Hola si es difícil empaquetar opensnitch depende de librerías muy espesificas ,

Paquete debían
opensnitch_1.0.deb

https://sourceforge.net/projects/unknownos/files/opensnitch/

Es necesario instalar
apt-get install libnetfilter-queue1 libnetfilter-conntrack3 python3-slugify python-pyqt5 libc6 python3.7

Probado en debían Buster .

Thanks @Jonathan. It looks like your link leads to a opensnitch deb, I'll test it out. Would be cool if this was submitted to Debian, is that planned?

I'm going to unassign myself here; concentrating on Reproducible Builds. :)

chris.lamb removed chris.lamb as the assignee of this task.Feb 26 2019, 6:32 PM

Hola si es difícil empaquetar opensnitch depende de librerías muy espesificas ,

Paquete debían
opensnitch_1.0.deb

https://sourceforge.net/projects/unknownos/files/opensnitch/

Es necesario instalar
apt-get install libnetfilter-queue1 libnetfilter-conntrack3 python3-slugify python-pyqt5 libc6 python3.7

Probado en debían Buster .

@Jonathan Could you, please, post detailed instructions so I can reproduce your binary?

Jonathan added a comment.EditedMay 11 2019, 5:43 PM

hola no entiendo muy bien la pregunta
opensnitch_1.0.deb es paquete para amd64 ,
Para copilar segui las instrucciones / https://github.com/evilsocket/opensnitch

how to install in debian , (buster repository)
sudo apt-get update
sudo apt-get install libnetfilter-queue1 libnetfilter-conntrack3 python3-slugify python-pyqt5 libc6 python3.7
sudo dpkg -i opensnitch_1.0.deb

Already built it but it's unstable, buggy and freezy. It can indeed detect but not block all outbound connections.

Suggested test: WPS Office (obviously just for testing purposes)

Add Comment