opensnitch is the equivalent of simplewall on windows

why does it let all traffic through when you're in a tty? it needs X to control traffic via it's u.i, but why doesn't it just block everything by default when X isnt started? that should be standard behavior, or at least there should be an option to enable and disable that (block all outgoing when X isnt detected). now i have to manually turn off my internet connection and set it to not auto start when X isn't available, and if X ever crashes i need to create some kind of script to instantly disable my internet connection so that its air tight.

like can anyone enlighten me on why they chose to do this? its essentially a massive security vulnerability, whenever X crashes you're instantly exposed. if you're in a tty you're instantly exposed. this is not logical. i dont get it

>>105632300 (OP)
safing portmaster is just better.

>>105632427
it has closed source elements. it seems sketchy

i dont like it

>>105632300 (OP)
>option to enable and disable that
There is. Did you even take 3 seconds to look at it? Am I replying to some kind of bot?

>>105633112
there isn't. the node thing doesnt work. i close my desktop gui and it still allows outbound connections (i dont use systemd btw)

>>105633149
Are you sure the daemon is running when you kill X? If you aren't using systemd then you're going to have to adapt the daemon startup to your build. That's all I can say without more info

>>105632300 (OP)
>his firewall depends on the display server to function properly
troonix is not real

>(i dont use systemd btw)
retard does things the hard way and cries about it

>>105633609
yes, i see a bunch of opensnitchd listings in htop running. in the X GUI for opensnitch under nodes i ticked "default action DENY when GUI not available"

it still lets EVERYTHING through like a whore. ping, apt downloads. every application has complete unrestricted access to the internet

> If you aren't using systemd then you're going to have to adapt the daemon startup to your build
*sigh*...linux is so gay man, every single program has issues, or it needs to be manually configured for hours to be useable. its literal torture

>>105634576
You fell for the "systemd bad" meme and only have yourself to blame. Blaming Linux at all is fucking stupid anyway because fully headless Windows is literally not even possible.

>>105634576
What's the output of 'opensnitchd -check-requirements'
If anything is missing it's likely broken in some way for your system, also restart the daemon if you haven't

>>105634613
>restart the daemon if you haven't
ffs this did it >:(

thanks anon you're awesome, im mad that it ended up just being a freaking restart

>>105634735

dudes all the a.i algorithims like grok, copilot, chatgput etc had me going down rabbit holes for hours, changing all this crap, when anon solved it instantly by telling me to restart the service. freaking hell. a.i sucks dick aswell

>>105634735
I think it's in the wiki somewhere that settings don't get updated until a daemon restart, they should really put a note in the gui. It's like that for almost all daemons though

>>105634998
sorry i went to replicate it, and i forgot i had applied this to change the settings

https://github.com/evilsocket/opensnitch/issues/1060

so you need that aswell

THEN you do /etc/init.d/opensnitchd restart

...i want to go back to windows. i dont care about any of this. how does knowing this help me. it doesnt make me smarter. it doesnt increase my ability to solve problems. it just wastes my time