Linux per program firewall similar to windows and mac counterparts

linux firewall iptables
Marko Kevac picture Marko Kevac · Mar 27, 2011 · Viewed 8.8k times · Source
  1. Is it possible to create GUI firewall that works as Windows and Mac counterparts? Per program basis. Popup notification window when specific program want to send\recv data from network.
  2. If no, than why? What Linux kernel lacks to allow existence of such programs?
  3. If yes, than why there aren't such program?

P.S. This is programming question, not user one.

Answer

Erik picture Erik · Mar 27, 2011
  1. Yes it's possible. You will need to setup firewall rules to route traffic through an userspace daemon, it'll involve quite a bit of work.
  2. N/A
  3. Because they're pretty pointless - if the user understands which programs he should block from net access he could just as well use one of multiple existing friendly netfilter/iptables frontends to configure this.

Related questions

How can I remove specific rules from iptables?

I am hosting special HTTP and HTTPS services on the ports 8006 and 8007 respectively. I use iptables to "activate" the server; i.e. to route the incoming HTTP and HTTPS ports: iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT …

Read More
Connection refused to MongoDB errno 111

I have a Linode server running Ubuntu 12.04 LTS and MongoDB instance (service is running and CAN connect locally) that I can't connect to from an outside source. I have added these two rules to my IP tables, where < ip …

Read More
How can I check the hit count for each rule in iptables?

I want to know how can I find out which rule was accessed and how many times, from the access list I have created using iptables. My firewall has over 1000 input and output rules in iptbales; I want to find …

Read More