«

»

Sep 01 2011

The Linux equivalent of Little Snitch, ZoneAlarm, and similar per-application firewalls?

Important!

This is an edited version of a post that originally appeared on a blog called The Michigan Telephone Blog, which was written by a friend before he decided to stop blogging. It is reposted with his permission. Comments dated before the year 2013 were originally posted to his blog.

If you are a Mac user, you’ve probably heard of Little Snitch.  It’s a commercial (as in, not free) program that lets you allow or deny connections to the Internet from individual applications.  One reason for using such a program is to detect software that should have no reason to connect to the Internet nevertheless attempting to do so.  For example, you download a free screensaver (dumb move to start with) and it sends all the personal information it can find on you to some group of hackers on the other side of the world.  A program like Little Snitch would let you know that the screensaver  is trying to connect to the Internet, and allow you to deny that connection.  In the Windows world, I believe that ZoneAlarm has a similar capability, and it’s also a commercial (as in, not free) program.

Leopard Flower personal firewall for Linux OS screenshot

It appears that these is a similar program for Linux users, and it IS free!  It’s called Leopard Flower and it’s described as a “Personal firewall for Linux OS (based on libnetfilter_queue) which allows to allow or deny Internet access on a per-application basis rather than on a port/protocol basis.”

Looking at the screenshot it appears to have very much the same per-application blocking functionality you’d get in one of those other programs.  I have not personally tried it yet, but I wanted to create a post about it so if someday in the future I am trying to remember the name of this program, I’ll know where to find it (yes, this blog does sort of serve as my long-term memory!).  :)

There is a similar program called TuxGuardian but apparently is hasn’t been updated since 2006, so I have no idea if it will even work with current versions of Linux. And as for you Android users, try the NoRoot Firewall app.

3 comments

  1. Anonymous

    I’ve used it and it basically just does what it says – informs one when an application is trying to access the outside world. There are no bells and whistles like in commercial apps – no statistics, no fancy graphical interface.
    Keeping in mind it is the only solution of such a kind on the market for Linux, not too bad.

  2. tshann

    I’m currently messing with Leopard Flower – interesting name. I’ve yet to get it work consistently. I thought I got the ncurses cli working – in fact it was working. But then after reboot running the same stuff, it was giving errors. So for me, I HOPE I can get it to work in a stable fashion. If so, it’d be nice to have a simple application based firewall to work in Linux.

    Peace

  3. Admin

    NOTICE: All comments above this one were imported from the original Michigan Telephone Blog and may or may not be relevant to the edited article above.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

%d bloggers like this: