Has anyone used or looked at Portmaster? If you have, I would appreciate if you shared your findings.
Looks like an interesting project.
https://github.com/Safing/portmaster
I haven’t used it but from the documentation it looks like it is using iptables
under the covers on Linux.
Thanks for taking a look! It’s still in Alpha but I am tempted to give it a try. I might do it in a VM to see how it works.
My only advice is to keep in mind you are more less completely trusting that application with your security.
If there aren’t a lot of eyes on the code, that would be concerning to me.
Thanks for your concern! Of course you are right. Perhaps it would be better to let some time pass and wait for it to mature. By then maybe more people will be looking at it.
The only way to completely be safe is to unplug.
Opensnitch is a firewall application which provides granular control over the network traffic much like the project mentioned in OT. It provides - mostly - the features as LittleSnitch on macOS
That said the Pi-Hole project is a much more mature project which can be run standalone e.g. on a laptop. Many member will already know Pi-Hole
I gave portmaster a try, they provide a package build for Arch. It’s very pretty and the concept is fuckin amazing. Lots of little tweaks in the program itself that add to the whole experience. Worked pretty well for me in general, though I think the interface could use a panel a la OpenSnitch where you see all traffic in one place. There were some instances of connections that it couldn’t identify the source of for me and just called it “unknown application”.
Techlore did a video about it:
But yea, pi-hole is super worth the investment. Really highly recommend using one.
Thanks @jiibus for sharing your experience with Postmaster. By the looks of it could be a nice app when it comes of age. But for now, judging by responses in this thread and posts in other threads, it seems going into the pi-hole is generally recommended. I should be taking some time and read up on how to set it up.
I became curios about portmaster - installed it - and it was a nice experience.
I immediately noted how my MS SQL instance was blocked from phoning home - but I knew that it did - it was a deliberate choice - but I reckon the app indeed has an audience.
My experience may be due to my unusual LAN setup - I use a subdomain of a real domain on public DNS where the public DNS point to a name server on my LAN.
The default settings appears reasonable for a test ride but in my opinion they are paranoid - e.g. in my case SSH access inside my LAN is blocked - I was stunned at first but then I realized it was portmaster.
When I digged into how to allow SSH it turned out to be a rabbit hole and I barely found my way out.
So I disabled the service
Sounds great! Thanks for the sharing of your experience and findings. I haven’t had time to look further into this but I hope I’ll be able to during this weekend.
Looks pretty:
It also shows someone is probing my ssh server (and failing because of tcp-wrappers).