The release of Portmaster 1.0 is presented, an application for organizing the operation of a firewall that provides access blocking and traffic monitoring at the level of individual programs and services. The project code is written in Go and distributed under the AGPLv3 license. The interface is implemented in JavaScript using the Electron platform. Supports Linux and Windows.
Linux uses iptables to inspect and manage traffic, and nfqueue to outsource block decision processing to user space. In the future, it is planned to use a separate kernel module for Linux. For trouble-free operation, it is recommended to use Linux kernel versions 5.7 and later (theoretically, it is possible to work on kernels starting from the 2.4 branch, but problems are observed in versions prior to 5.7). Windows uses its own kernel module to organize traffic filtering.
Supported features include:
- Monitor all network activity in the system and track the history of network activity and connections of each application.
- Automatic blocking of hits related to malicious code and movement tracking. Blocking is carried out according to lists of IP addresses and domains found to be involved in malicious activity, telemetry collection or personal data tracking. It is also possible to use ad blocking lists.
- Default encryption of DNS requests using DNS-over-TLS. Visual display in the interface of all DNS-related activity.
- Ability to create your own blocking rules and quickly block traffic of selected applications or protocols (for example, you can block P2P protocols).
- The ability to define both settings for all traffic and link filters to individual applications.
- Support for filtering and monitoring in relation to countries.
- Paying users have access to their own overlay network SPN (Safing Privacy Network), which is presented as an alternative to VPN, similar to Tor, but easier to connect. SPN allows you to bypass country blocking, hide the user's IP address, and forward connections for selected applications. The SPN implementation code is open source under the AGPLv3 license.
Source: opennet.ru