Difference between application rules and firewall / system rules #1390
I just set the firewall to "Deny" in both inbound and outbound, and I don't notice any difference. I still get popups to confirm the connections. What do these settings in the Firewall dialog do? (I already checked https://github.com/evilsocket/opensnitch/wiki/System-rules)
Replies: 1 comment 1 reply
Hi @Bartmr,

System firewall rules are regular (static) iptables/nftables rules, while the application rules are interactive (you'll be prompted to allow/deny connections) and can be dynamic (regular expressions to match processes by name, cmdline, etc).

Configuring Inbound or Outbound to Deny changes the Netfilter default policy to Deny for the filter-input and mangle-output chains:

Then if you want to open a port, for Inbound connections you have to add a system firewall rule (to allow incoming ssh connections for example).
For Outbound connections only the configured applications will be allowed.
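To make the distinction concrete, here is an illustrative nftables ruleset (an added example, not OpenSnitch's own generated rules) showing what the two "Deny" default policies amount to, with one static system rule opening ssh on the input chain and the outbound chain handing new connections to a userspace queue where the interactive per-application decision is made. Chain types, priorities and the queue number are assumptions; a drop policy on output only makes sense once a daemon is actually servicing that queue.

```nft
# Inbound: "Deny" = default policy drop on the filter/input chain.
table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;
        iif lo accept                          # loopback traffic
        ct state established,related accept    # replies to connections we started
        tcp dport 22 accept                    # static system rule: allow incoming ssh
        # anything not matched above is dropped by the chain policy
    }
}

# Outbound: "Deny" = default policy drop on the mangle/output chain.
table inet mangle {
    chain output {
        type route hook output priority -150; policy drop;
        ct state established,related accept    # already-decided flows pass
        # New connections are queued to userspace; the daemon's application rules
        # (or the popup) return an accept or drop verdict per process. Packets that
        # never receive an accept verdict fall through to the drop policy.
        ct state new queue num 0
    }
}
```

Inspect what is actually loaded with `nft list ruleset`; the chain policies shown there are what changes when Inbound/Outbound is toggled, independent of any application rule.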