First RC release of the next v1.7.0.
New features
Connections filtering:
- Allow to filter connections by:
- md5: 7a9bb17 (#413). Note: Not enabled by default. Configurable from the GUI and file configuration.
- parent(s) path: 2509d21 (#406). Note: Not configurable from the GUI yet.
- username: ff3ac66 (#1236). Note: Not configurable from the GUI yet.
- list of md5 checksums (ced8410). Note: Not configurable from the GUI yet.
- Lan access control by @nolancarougepro in #1237
Scheduled tasks
- tasks: 9e0f3a4.
- tasks: added sockets monitor task (netstat / ss similar feature) (83fad69 , #1112).
- tasks: new task nodemonitor (5861354). WIP: the GUI part not totally finished yet.
Configuration
- Allow to configure default outbound policy: 7fd436a (#1183, #884, #1201).
- Allow to configure rules directory (211c864, #449).
- Allow to configure eBPF modules path (ffb7668).
- Allow to configure system firewall configuration file (bb95a77, 54ac5a3).
- Allow to configure internal options:
- Golang GC percentage (dc43d59).
- Flush connections on start (8e9c1d2).
- Max Stats and events to keep in memory when the daemon is not connected to the GUI (server).
- Interception queue number (efc0566).
- nfqueue bypass flag (6622df9).
- eBPF options (eede54c).
- Interception rules monitoring interval (54ac5a3).
- New log level Trace (only configurable via default-config.json, LogLevel: -1)
GUI
-
plugins (WIP) (2a233c1 , cba52cf)
(functional, but not configurable from the GUI yet).- Highlight: colorize cells or rows based on patterns.
- Downloader: a simple downloader which downloads files to local directories, for example to download blocklists.
- Virustotal: a plugin to analyze IPs, domains and checksums with the API of virustotal when a new popup is fired.
-
netstat view: #1112
What's Changed
GUI
- popups redesigned to add more context on the process and the connection.
Configuration
eBPF
- Better interception of some (UDP) connections (63a3b4e, #1246).
- Clean dns ebpf hooks on exit (785500c).
- performance improvement for opensnitch-procs (7442bec).
- fixed dns uprobes (1518cb3).
Others
- Improved integration with 3rd party software (SIEM, loggers, ...) (64a698f).
- Remove duplicate regex in system.go for -check-requirements by @redanaheim in #1139
- ebpf_prog/Makefile: several improvements by @ariel-anieli (#1187, #1185, #1229)
- Make example explanation consistent with regex - take #2 by @atriwidada in #1209
- fix #1245 UI rule deletion by @e3dio in #1252
- ui: make sure 'service' variable is set by @staticssleever668 in #1255
- ui: dialogs: stats: optimize string format by @MEschenbacher in #1266
- Indonesian translation by @atriwidada in #1195
- New Czech, Hindi, Italian and Swedish translations.
New Contributors
- @chncaption made their first contribution in #992
- @Huoxi-any made their first contribution in #1036
- @ponychicken made their first contribution in #1135
- @redanaheim made their first contribution in #1139
- @ariel-anieli made their first contribution in #1185
- @abuturabofficial made their first contribution in #1179
- @atriwidada made their first contribution in #1195
- @C0rn3j made their first contribution in #1198
- @nolancarougepro made their first contribution in #1237
- @e3dio made their first contribution in #1252
- @jermanuts made their first contribution in #1265
- @MEschenbacher made their first contribution in #1266
Full Changelog: v1.6.3...v1.7.0-rc.1
Downloads
You need to download the daemon and the GUI.
GUI
IMPORTANT NOTES:
Ubuntu 22.04 / PopOS! 22.x / LinuxMint 21.x / Elementary OS 7.x / Zorin users: See this comment after installing the GUI: #1214 (comment))
If you experience crashes on Wayland clicking on the pop-ups: open the Preferences and select "xcb" as the "Qt platform plugin", in the UI tab.`
If the above packages complain about dependencies...
please, ask on the Discussion forum to generate packages for old distributions, specifying your distribution and kernel.daemon
(NOTE: if the daemon doesn't autostart, you need to enable it: ~ $ sudo systemctl enable --now opensnitch.service)