Application firewall Douane for ArchLinux

onny · 2017-03-30 09:32:32

Hey,
I found out about the application firewall Douane and updated to AUR packages and it seems to be working again
You have to install a kernel module, a daemon and a user space tool to use this. After running everything, Douane asks for permission as soon an application tries to connect to the internet.

https://project-insanity.org/wp-content … 20x379.png

Further installation instructions can be found in my blog post here: https://project-insanity.org/blog/2017/ … archlinux/

What do you think about it? Do you know any alternatives?

Regards,
Jonas

-- mod edit: converted img to url tags. Trilby --

Last edited by Trilby (2017-03-30 10:44:10)

Awebb · 2017-03-30 09:58:02

Alternatives? Don't install stuff on your system you don't trust. Promoting "personal firewalls" is a good way to turn your blog promotion into a reason to filter your URL against accidental visits. Quiz: Which board rule did you just break?

Trilby · 2017-03-30 10:51:45

I have no background with which to judge the above-scare-quoted "personal firewalls", but in terms of forums rules I only see one that was clearly broken, but another that is iffy.

Onny, please see the forum guidelines on posting images. In short: don't. Post links to images, or at most small (250x250 or smaller) thumbnails.

Also see the rules about advertising a personal blog. There is some grey area here especially in community contributions: when you make something you might share it with the world via a blog, then share it here too and link to the blog. In this way a blog can bit a bit like a github or other repository page which we do allow sharing links to.

That said, this would be a much better contribution to the community if it were in a wiki page on our wiki. I don't see any douane entries on our wiki. This would allow the content to be reviewed, updated, and available well into the future for other users.

I see you've previously contributed to the wiki, but your last to Community Contribution posts instead link to your blog - you are moving in the wrong direction, please adjust your course. Continued posting of links to your blog will not be given so much leeway.

Docbroke · 2017-03-30 10:51:59

https://wiki.archlinux.org/index.php/Firewalls

progandy · 2017-03-30 13:14:03

Do you know any alternatives?

You can probably use a kernel security module that implements access control like grsecurity or selinux, and only grant select applications access to certain sockets/ips/... . You won't have a convenient GUI with permission requests, though.

Last edited by progandy (2017-03-30 13:18:03)

0strodamus · 2017-03-31 01:25:36

onny wrote:

Do you know any alternatives?

This forum posting inspired me to use TOMOYO Linux as an application firewall. I use a default policy group as outlined in the forum post to block all applications from accessing the network and another policy group to further restrict my web browsers, email programs, etc.

Thanks for uploading Douane to the AUR.

Arch Linux

#1 2017-03-30 09:32:32

Application firewall Douane for ArchLinux

#2 2017-03-30 09:58:02

Re: Application firewall Douane for ArchLinux

#3 2017-03-30 10:51:45

Re: Application firewall Douane for ArchLinux

#4 2017-03-30 10:51:59

Re: Application firewall Douane for ArchLinux

#5 2017-03-30 13:14:03

Re: Application firewall Douane for ArchLinux

#6 2017-03-31 01:25:36

Re: Application firewall Douane for ArchLinux

Board footer