The Linux equivalent of Little Snitch, ZoneAlarm, and similar per-application firewalls?

Important
This is an edited version of a post that originally appeared on a blog called The Michigan Telephone Blog, which was written by a friend before he decided to stop blogging. It is reposted with his permission. Comments dated before the year 2013 were originally posted to his blog.

EDIT: This article is very old and outdated. For more current information, see OpenSnitch: The Little Snitch application like firewall tool for Linux.

If you are a Mac user, you’ve probably heard of Little Snitch. It’s a commercial (as in, not free) program that lets you allow or deny connections to the Internet from individual applications. One reason for using such a program is to detect software that has no reason to connect to the Internet but attempts to do so anyway. For example, you download a free screensaver (dumb move to start with) and it sends all the personal information it can find on you to some group of hackers on the other side of the world. A program like Little Snitch would let you know that the screensaver is trying to connect to the Internet, and allow you to deny that connection. In the Windows world, I believe that ZoneAlarm has a similar capability, and it’s also a commercial (as in, not free) program.

Leopard Flower personal firewall for Linux OS screenshot

It appears that there is a similar program for Linux users, and it IS free! It’s called Leopard Flower and it’s described as a “Personal firewall for Linux OS (based on libnetfilter_queue) which allows to allow or deny Internet access on a per-application basis rather than on a port/protocol basis.”

Looking at the screenshot it appears to have very much the same per-application blocking functionality you’d get in one of those other programs.  I have not personally tried it yet, but I wanted to create a post about it so if someday in the future I am trying to remember the name of this program, I’ll know where to find it (yes, this blog does sort of serve as my long-term memory!).  🙂

Since this article was originally published, I have been made aware of another similar application called Douane: Linux personal firewall with per application rule controls – here are a couple of screenshots:

Douane personal firewall for GNU/Linux screenshot
Douane configurator screenshot

The only downside to this one is that as of this writing the only available package is for Arch Linux, but if you want to try to build it for an Ubuntu or Debian system, they provide a page showing the needed dependencies.

There is an older similar program called TuxGuardian, but apparently it hasn’t been updated since 2006, so I have no idea if it will even work with current versions of Linux. And as for you Android users, try the NoRoot Firewall app.

4 thoughts on “The Linux equivalent of Little Snitch, ZoneAlarm, and similar per-application firewalls?”

  1. I’ve used it and it basically just does what it says – informs one when an application is trying to access the outside world. There are no bells and whistles like in commercial apps – no statistics, no fancy graphical interface.
    Keeping in mind it is the only solution of such a kind on the market for Linux, not too bad.

  2. I’m currently messing with Leopard Flower – interesting name. I’ve yet to get it to work consistently. I thought I got the ncurses cli working – in fact it was working. But then after reboot running the same stuff, it was giving errors. So for me, I HOPE I can get it to work in a stable fashion. If so, it’d be nice to have a simple application-based firewall to work in Linux.

    Peace

  3. NOTICE: All comments above this one were imported from the original Michigan Telephone Blog and may or may not be relevant to the edited article above.

  4. Leopard Flower is hardly ready for prime time. The documentation doesn’t even clearly explain how to install it. I have tried it and it took quite a bit of fiddling around to get it to work at all. Then it was inconsistent and I even had to reboot on some occasions to recover from it blocking all network traffic for some reason. I will give Douane a try.
