Tools compared: Linux application firewalls
Finding the right tool can be difficult. This sheet compares Douane, LPFW, OpenSnitch and TuxGuardian.
Douane is an application firewall that interacts with the user to allow or deny new network connections.
OpenSnitch is a Linux port of the popular macOS Little Snitch application firewall
LPFW is the abbreviation for LeoPard FloWer and is an application firewall for Linux.
OpenSnitch is a tool based on Little Snitch, a macOS application level firewall. All outgoing connections are monitored and the user is alerted when a new outgoing connection occurs. This allows the user to detect and block any unwanted connections.
The OpenSnitch tool relies on NFQUEUE, which is an extension for iptables. With this extension software running in userland can intercept IP packets and allow/drop them.
|Dependencies||GTK 3, Linux 3.x kernel, Python 3||iptables|
|Strenghts||The source code of this software is available||The source code of this software is available||More than 2000 GitHub stars, The source code of this software is available|
|Weaknesses||Unknown project license||No updates for a while|
|Programming language(s)||C, C++, GTK+||C++, Python||Python||C|
|Tool page (last updated)|
|Download||Project website||Clone on GitHub||Clone on GitHub||Download|
|More information||Douane review||LPFW review||OpenSnitch review||TuxGuardian review|