[Feature Request] Retroactive rule application to backlogged connection attempts

[tredondo]

When I come back to my machine after leaving it unattended for a while, OpenSnitch can easily show multiple connection attempts to the same domain that have accumulated in the meantime:

OpenSnitch.repeated.connection.popup.after.deny.webm

Denying the first creates a rule, but the other queued requests apparently aren't filtered by the newly created rule (or I should've clicked Reject?), so they keep popping up.

Would it be possible to apply the rule to the other requests in the queue?

[gustavo-iniguez-goya]

This should not happen. I can leave a telnet in loop trying to connect to a domain, apply a rule for 30s, 1h, ... and the connection is denied as expected for the duration of the rule.

Maybe the GUI is failing to create the rule. Launch the GUI from a terminal, and change the LogLevel to DEBUG.

And post the logs when you reproduce this issue again, and/or if there's any error printed out to the terminal.

In the meantime I'll try to reproduce it.

[tredondo]

This should not happen. I can leave a telnet in loop trying to connect to a domain, apply a rule for 30s, 1h, ... and the connection is denied as expected for the duration of the rule.

Just to clarify: I didn't have any rules applicable to these connections before they were attempted. When I see the first pop-up, I click Deny, so I assume that creates the rule, but the other connection attempts had already been queued up, so I'm not surprised that the rule I had just created doesn't apply to them yet.

[gustavo-iniguez-goya]

If you can reproduce it, please try launching the GUI from a terminal, and see if prints any error when denying the request.
And between repetitive requests, try to truncate the log, deny the request and copy the log to /tmp for example, and upload it to the issue.

It looks like the GUI is not creating a valid rule, and probably that's why it's asking to take an action over and over.

[tredondo]

Sorry for the delay, I've recorded some reproductions, please let me know if they help.

OpenSnitch.repeated.prompts.for.the.same.domain.webm

OpenSnitch.repeated.prompts_20260303_134112.webm