make opensnitch installable for systemdless systems

labrona · 2021-12-26 10:54:16

I have devuan (systemdless debian) and i can't install opensnitch without systemctl.
Can you please make it possible to install opensnitch without systemd?

Yes, manually

root@refracta:~# opensnitchd
[2021-12-09 11:40:22] IMP Starting opensnitch-daemon v1.4.1
[2021-12-09 11:40:22] INF Loading rules from /root/rules ...
[2021-12-09 11:40:22] !!! Path '/root/rules' does not exist
root@refracta:~# mkdir rules
root@refracta:~# opensnitchd
[2021-12-09 11:40:39] IMP Starting opensnitch-daemon v1.4.1
[2021-12-09 11:40:39] INF Loading rules from /root/rules ...
OK: libnetfiler_queue supports nfq_get_uid
OK: libnetfiler_queue supports nfq_get_uid

OpenSnitch is a GNU/Linux port of the Little Snitch firewall. You can launch the GUI from the icon or from the system menu. The daemon will start intercepting connections, prompting you to allow or deny them. If you don't apply an action, after 15 seconds (configurable) it'll apply the default action configured. When you open the GUI, you'll see all the connections and processes that the daemon has intercepted.

https://github.com/evilsocket/opensnitch/releases

I installed Opensnitch on a systemdless system : DevuanDog from Fredx. It runs on this OS without a glitch.

Also, thanks to some research done on internet, i found an alternative to Opensnitch, called Douane. There is an installer available for Debian. I did an install on Refracta, but i could not make it launch on my machine (maybe because i still use Refracta from ascii).

johnny@refracta:~/douane-installer$ ./douane-installer
Traceback (most recent call last):
File "./douane-installer", line 41, in <module>
from installer.application import Application
File "/home/johnny/douane-installer/src/installer/application.py", line 79
self.logger.debug(f'Setting the page {page.__class__.__name__} '
^
SyntaxError: invalid syntax

It's good to have a firewall for incoming connections, but we should all have a firewall for outgoing connections as well, such as Opensnitch or Douane.

Head_on_a_Stick · 2021-12-26 13:56:56

The opensnitch .deb already supplies an init script but they don't use dh_installinit(1) correctly so you have to enable it yourself:

# update-rc.d opensnitch defaults

labrona wrote:

we should all have a firewall for outgoing connections as well

The stock nftables package can deal with both outgoing and incoming connections but see https://dev1galaxy.org/viewtopic.php?id=2889 for starting it at boot.

Windows-style firewalls are generally considered unnecessary in GNU/Linux because we can read the source code of any installed packages to check what they're doing.

The officially official Devuan Forum!

#1 2021-12-26 10:54:16

make opensnitch installable for systemdless systems

#2 2021-12-26 13:56:56

Re: make opensnitch installable for systemdless systems

Board footer