Installing Open Snitch in Qubes

OpenSnitch is a GNU/Linux port of the Little Snitch application firewall.

OpenSnitch a free opensource selfhosted outbound application firewall made for Linux!

OpenSnitch a free opensource selfhosted outbound application firewall made for Linux.

I am leery of the consequences of installing this in Dom0.
I should create a clone of a Template, and install it there.

I am looking of what I should be doing with WiFi, to prevent cross talk, or should I use, one Qube corrupting another ones internet. Or is that already fixed in 4.1?

I have discovered that in using Open Snitch with Mint Linux, that when I save a file to my disc, LibreOffice Writer attempts to open up internet connections to what appears Synchronizing to my home Network, which I never allowed, or have. I wonder how many other Apps have unknown behavior?

Oh wow, leaving little snitch behind was my only woe from moving from macOS to linux. This is awesome and also very interested in best practice for implementing this in qubes - granular control and accessible to non technical users!

I agree! Little Snitch is essential on the macOS and every time I use a mac I’m reminded how much I wish I had this kind of granular control from a GUI on my daily driver Qubes machine.

If open snitch is now up to the level of little snitch, it’s definitely worth considering. I’m going to add it to my list of things to investigate, but in the meantime it would be great to hear from Qubes users who may already be using it.

I’d also be leery of this, although it would seem natural to use in place of the existing firewall rules GUI in Qubes.

If you search the Forum you’ll find other threads on OpenSnitch.
I did provide some packages for people to try out.

It has no place in dom0, but would have to be installed in templates and
run in qubes.
It’s possible to run a report qube which amalgamates reports from
individual qubes.
Sometimes the reports and popups are generated after the event has
occurred. I didn’t investigate the reason for this, or if it could be
fixed by allocating more resources.

If you want an application firewall it seems fine, but I would not rely
on it. I would examine the reasons why you think it would be of value,
and consider whether Qubes provides existing mechanisms to deal with those
risks.

I never presume to speak for the Qubes team.
When I comment in the Forum or in the mailing lists I speak for myself.
1 Like

This post belongs into ‘User Support’. Moved it there. If your post is of the form “How do I …?” or “Should I …?” it very likely is a ‘User Support’ question and has a definitive answer (aka ‘Solution’).

1 Like

I can’t speak to Open Snitch, but, in addition to a powerful GUI, Little Snitch has alert mode, which allows one to create firewall rules in real time based on observed traffic at the network level. Ublock Origin offers something similar in terms of ease of use, but only within the browser.