A discussion that began in 2018 about adopting OpenSnitch in Debian repositories will probably find a resolution in Debian 12.
OpenSnitch is a Linux port of the Little Snitch application firewall – a security-focused app well-known to macOS users. It is designed to be easy and flexible, allowing users to set up custom rules and control which applications can connect to the Internet.
So, suppose you’re serious about establishing a completely secure system. In that case, you’ll need to strengthen it from two angles: one with a host-based firewall for managing incoming connections and the second with a per-application firewall for controlling outbound traffic. This is where OpenSnitch comes into play.
With OpenSnitch, all outgoing connections initiated by the host’s apps are monitored, and the app notifies the user when a new outgoing connection is established. This enables you to detect and block any potentially unwanted network activities.
Unfortunately, despite Debian’s incredibly software-rich repositories, OpenSnitch has never been part of them. Just a reminder that the discussion on its inclusion began in September 2018.
However, the reasons for not adopting the software as part of the official Debian repositories so far are some issues with integrating it with the Debian packages present there, especially in part with OpenSnitch’s daemon.
Fortunately, the developers have worked hard in recent software versions to remove current obstacles, and OpenSnitch is on its way to being included in Debian repositories.
If this happens soon, it is safe to say that Debian 12 (Bookworm), scheduled for release later this summer, will delight its users with this powerful app-level firewall software. You can learn more about the app on the project’s GitHub page.