Provided by: opensnitch_1.5.8.1-1ubuntu0.1_amd64 bug

NAME

       opensnitchd - GNU/Linux interactive firewall application

SYNOPSIS

       opensnitchd [-rules-path path] [-cpu-profile path] [-debug] [-error] [-warning]
                   [-important] [-log-file path]... [-mem-profile path]... [-no-live-reload]
                   [-process-monitor-method name]... [-queue-num num]... [-ui-socket path]...
                   [-version] [-workers num]...

DESCRIPTION

       opensnitchd is the OpenSnitch agent that intercepts outbound connections, and send them to
       the  server.  The  server  can  be  a  GUI, a TUI, or a headless component to just log the
       network activity (a SIEM for example).  By default it'll allow all  connections,  creating
       temporal rules for you so you can review them later.

OPTIONS

       -rules-path path
              Specifies where the rules will be written to. Default "rules".

       -cpu-profile path
              A file path where the CPU data for later use will be written.

       -debug Set LogLevel to DEBUG.

       -warning
              Set LogLevel to WARNING.

       -important
              Set LogLevel to IMPORTANT.

       -log-file path
              A file path where the logs will be written to. This path can be a device file, like
              /dev/stdout to print logs to standard output.

       -mem-profile path
              A file path where the memory data will be written once the daemon exits.

       -no-live-reload
              By default daemon's rules and configuration is reloaded whenever it changes.   This
              option disables this feature.

       -process-monitor-method method
              Force  process  monitor  method,  overriding  what is defined in the configuration.
              Valid methods: ebpf, audit, proc

       -queue-num num
              Force to use this netfilter queue num. The default queue number is 0, but  if  it's
              already used by other software, you can set another queue number here.

       -ui-socket path
              Force  to  use  this  socket path, instead of the one defined in the configuration.
              The path format is unix:///path/to/socket.sock or ip:port ("127.0.0.1:50051")
              (https://github.com/grpc/grpc/blob/master/doc/naming.md)

       -version
              Prints out daemon version.

       -workers num
              Change maximum number of workers to process outbound connections.   By  default  16
              workers are launched, but if it's not enough increase this number.

FILES

       /etc/opensnitchd/rules/
              Default daemon directory rules.
       /etc/opensnitchd/default-config.json
              Default daemon configuration.
       /etc/opensnitchd/system-fw.json
              Configuration of system firewall rules (iptables/nftables).

              Firewall  rules defined here bypasses OpenSnitch interception. Use it to allow VPNs
              or other services.

DIAGNOSTICS

       OpenSnitch needs at least one firewall rule to intercept outbound connections:

       iptables -t mangle -L OUTPUT | grep NFQUEUE
              NFQUEUE all -- anywhere anywhere ctstate NEW,RELATED NFQUEUE num 0 bypass

       If you suspect that OpenSnitch blocks an application and doesn't prompt you  to  allow  or
       deny  it,  using the GUI enable the option [x] Debug invalid connections under Preferences
       -> Nodes.  Or set the configuration option InterceptUnknown to true.

       Tip: You can also add rules to the file /etc/opensnitchd/system-fw.json, to allow  network
       services without being intercepted by the daemon.

       Another way of debugging errors is by launching the daemon from the command line:

       1.  Set  LogLevel  to  DEBUG  under  Preferences  ->  Nodes  (or  LogLevel  to  0  in  the
           configuration)
       2.  Stop the daemon: systemctl stop opensnitch
       3.  Launch it from cli: /usr/bin/opensnitchd -rules-path /etc/opensnitchd/rules/

REPORTING BUGS

       Problems      with      opensnitchd      should      be      reported      on       github
       https://github.com/evilsocket/opensnitch/issues

HISTORY

       OpenSnitch was originally written by Simone Margaritelli (evilsocket) in 2017-2018.

       In  2019, after some time of inactivity, Gustavo Iñiguez Goya started contributing, fixing
       bugs and adding new functionality, with the esential help of the community,  and  valuable
       contributions from themighty1 and calesanz among others.

SEE ALSO

       OpenSnitch Home Page ⟨https://github.com/evilsocket/opensnitch⟩

AUTHORS

       The     complete     list     of    OpenSnitch    contributors    can    be    found    on
       https://github.com/evilsocket/opensnitch