AUR (en) - opensnitch-git

Search Criteria

Enter search criteria

Search by

Keywords

Out of Date

Sort by

Sort order

Per page

Package Details: opensnitch-git 1.7.2.r34.cb2feeb6-1

Package Actions

Git Clone URL:	https://aur.archlinux.org/opensnitch-git.git (read-only, click to copy)
Package Base:	opensnitch-git
Description:	A GNU/Linux port of the Little Snitch application firewall
Upstream URL:	https://github.com/evilsocket/opensnitch
Licenses:	GPL3
Conflicts:	opensnitch
Provides:	opensnitch
Submitter:	None
Maintainer:	lsf
Last Packager:	lsf
Votes:	44
Popularity:	1.15
First Submitted:	2017-05-03 14:15 (UTC)
Last Updated:	2025-10-27 08:37 (UTC)

Dependencies (22)

hicolor-icon-theme (hicolor-icon-theme-git^AUR)
libnetfilter_queue (libnetfilter_queue-git^AUR)
libpcap (libpcap-git^AUR)
python-grpcio
python-notify2
python-protobuf (python-protobuf-git^AUR, python-protobuf-21^AUR)
python-pyinotify
python-pyqt6 (python-pyqt6-pre-release^AUR)
python-slugify
git (git-git^AUR, git-gl^AUR) (make)
go (go-git^AUR, gcc-go-git^AUR, gcc-go-snapshot^AUR, go-bin^AUR, goup-rs^AUR, gcc-go) (make)
python-build (make)
python-grpcio-tools (make)
python-installer (make)
python-jaraco.text (make)
python-setuptools (make)
python-wheel (make)
qt6-tools (make)
logrotate (logrotate-git^AUR, logrotate-selinux^AUR) (optional) – logfile rotation
opensnitch-ebpf-module-git^AUR (optional) – eBPF process monitor method (non-hardened kernel only)
Show 2 more dependencies...

Required by (3)

opensnitch-ebpf-module-git (requires opensnitch)
respect-my-internet-git
simple-stateful-firewall-git (requires opensnitch) (optional)

Sources (6)

Latest Comments

1 2 3 4 5 6 .. 19 Next › Last »

ryan.steed commented on 2025-11-26 20:03 (UTC)

Indeed, as mentioned in the out-of-date flag message. However, it's no longer necessary to patch the debian package service because it's not added into the package. Take a look at https://gitlab.com/ryan-steed-usa/shared-files/-/tree/opensnitch-git/opensnitch-git

uffe commented on 2025-11-26 11:19 (UTC) (edited on 2025-11-26 11:29 (UTC) by uffe)

Upstream opensnitch have moved the opensnitchd.service file - so this AUR does not build anymore...

opensnitchd.service have moved from: daemon/opensnitchd.service to: daemon/data/init/opensnitchd.service

Hence the fix-systemd-service.patch should look like this

diff --git a/daemon/opensnitchd.service b/daemon/opensnitchd.service
index 3f05fad..0aea7fc 100644
--- a/daemon/data/init/opensnitchd.service
+++ b/daemon/data/init/opensnitchd.service
@@ -4,9 +4,7 @@ Documentation=https://github.com/evilsocket/opensnitch/wiki

 [Service]
 Type=simple
-PermissionsStartOnly=true
-ExecStartPre=/bin/mkdir -p /etc/opensnitchd/rules
-ExecStart=/usr/local/bin/opensnitchd -rules-path /etc/opensnitchd/rules
+ExecStart=/usr/bin/opensnitchd -rules-path /etc/opensnitchd/rules
 Restart=always
 RestartSec=30
 TimeoutStopSec=10
diff --git a/utils/packaging/daemon/deb/debian/opensnitch.service b/utils/packaging/daemon/deb/debian/opensnitch.service
index b4301a5..6fc91f3 100644
--- a/utils/packaging/daemon/deb/debian/opensnitch.service
+++ b/utils/packaging/daemon/deb/debian/opensnitch.service
@@ -1,13 +1,11 @@
 [Unit]
 Description=Application firewall OpenSnitch
-Documentation=https://github.com/gustavo-iniguez-goya/opensnitch/wiki
+Documentation=https://github.com/evilsocket/opensnitch/wiki
 Wants=network.target
 After=network.target

 [Service]
 Type=simple
-PermissionsStartOnly=true
-ExecStartPre=/bin/mkdir -p /etc/opensnitchd/rules
 ExecStart=/usr/bin/opensnitchd -rules-path /etc/opensnitchd/rules
 Restart=always
 RestartSec=30

SHA256 and install commands related to daemon dir in PKGBUILD should be updated accordingly

ccorn commented on 2025-10-26 00:05 (UTC)

With Qt6, there is no longer a pyrcc5. Accordingly, (in a chroot) the build fails.

The following seems to work:

@@ -121,7 +121,9 @@ build() {
   popd

   pushd ui
-  pyrcc5 -o opensnitch/resources_rc.py opensnitch/res/resources.qrc
+  # https://stackoverflow.com/questions/66099225/how-can-resources-be-provided-in-pyqt6-which-has-no-pyrcc
+  /usr/lib/qt6/rcc -g python opensnitch/res/resources.qrc | \
+  sed '0,/PySide6/s//PyQt6/' > opensnitch/resources_rc.py
   # NOTE: yes, we do need this.
   # Arch upstream uses a patch, but _also_ includes pb files pre-generated
   # so it fails for this PKGBUILD.

Joomzie commented on 2025-09-15 13:10 (UTC)

It's also worth mentioning that python-pyqt6 should be installed as a runtime dependency. And I'm not sure if this is unique to myself since it doesn't seem anyone else has had this problem, but python-nspektr was causing my build to fail entirely, and I had to take it out of the PKGBUILD. Thankfully, it doesn't seem like this is actually a necessary dependency, and @uffe's workaround worked once I cut it out.

uffe commented on 2025-09-15 09:28 (UTC)

With the help of the opensnitch community I've now found a fix for the build error (https://github.com/evilsocket/opensnitch/issues/1429#issuecomment-3291090773)

To fix this issue please add the following to the bottom of the 'prepare' PKGBUILD function:

sed -i.orig 's/grpc_tools.protoc/grpc_tools.protoc --experimental_editions/' "${srcdir}/opensnitch/proto/Makefile";

uffe commented on 2025-09-02 09:28 (UTC)

Build error:

==> Starting pkgver()...
==> Updated version: opensnitch-git 1.7.2.r11.1e389399-1
==> Sources are ready.
==> Making package: opensnitch-git 1.7.2.r11.1e389399-1 (2025-09-02T11:27:02 CEST)
==> Checking runtime dependencies...
==> Checking buildtime dependencies...
==> WARNING: Using existing $srcdir/ tree
==> Starting pkgver()...
==> Starting build()...
go: finding module for package github.com/golang/protobuf/protoc-gen-go
go: downloading github.com/golang/protobuf v1.5.4
go: downloading google.golang.org/protobuf v1.33.0
go: downloading google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.3.0
go: downloading google.golang.org/grpc v1.3.0
go: downloading google.golang.org/protobuf v1.28.1
~/.cache/yay/opensnitch-git/src/opensnitch/proto ~/.cache/yay/opensnitch-git/src/opensnitch
protoc -I. ui.proto --go_out=../daemon/ui/protocol/ --go-grpc_out=../daemon/ui/protocol/ --go_opt=paths=source_relative --go-grpc_opt=paths=source_relative
python3 -m grpc_tools.protoc -I. --python_out=../ui/opensnitch/proto/ --grpc_python_out=../ui/opensnitch/proto/ ui.proto
WARNING: All log messages before absl::InitializeLog() is called are written to STDERR
E0000 00:00:1756805242.153656   30371 command_line_interface.cc:1557] Built-in generator --grpc_python_out specifies a maximum edition 2023 which is not the protoc maximum 2024.
make: *** [Makefile:7: ../ui/opensnitch/ui_pb2.py] Error 1
==> ERROR: A failure occurred in build().
    Aborting...
 -> error making: opensnitch-git-exit status 4

eniac commented on 2025-06-16 12:31 (UTC) (edited on 2025-06-29 04:31 (UTC) by eniac)

Edit: it works now, thanks for updating it

Patches don't seem to work with the latest changes:

==> Starting prepare()...
patching file ui/setup.py
patching file daemon/opensnitchd.service
patching file utils/packaging/daemon/deb/debian/opensnitch.service
patching file ui/bin/opensnitch-ui
Reversed (or previously applied) patch detected!  Assume -R? [n]

MonkeeSage commented on 2025-01-05 06:10 (UTC) (edited on 2025-01-05 06:11 (UTC) by MonkeeSage)

New commit upstream moved generated files location: https://github.com/evilsocket/opensnitch/commit/5dd4ef06bb2ed23bb86e37eb02f2453aa6584573

"The default compiled protobuffer will be opensnitch/proto/ui_*.py instead of opensnitch/ui_*.py"

Just changing the sed path to the new location seems to work fine.

diff --git a/PKGBUILD b/PKGBUILD
index f619fd1..9c88098 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -122,7 +122,7 @@ build() {
   # not seeing the files to be fixed with this in the tree _before_ building
   # made me assume they were just not there anymore (and thus no need for the fix).
   # I was wrong.
-  sed -i 's/^import ui_pb2/from . import ui_pb2/' opensnitch/ui_pb2*
+  sed -i 's/^import ui_pb2/from . import ui_pb2/' opensnitch/proto/ui_pb2*
   python -m build --wheel --no-isolation
   # python setup.py build
   popd

MonkeeSage commented on 2024-06-11 06:59 (UTC) (edited on 2024-06-11 07:03 (UTC) by MonkeeSage)

Build is currently broken because cmd/protoc-gen-go-grpc updated google.golang.org/protobuf dependency to v1.34.1.

https://github.com/grpc/grpc-go/releases/tag/cmd%2Fprotoc-gen-go-grpc%2Fv1.4.0

ui/protocol/ui_grpc.pb.go:19:16: undefined: grpc.SupportPackageIsVersion8
ui/protocol/ui_grpc.pb.go:49:41: undefined: grpc.StaticMethod
ui/protocol/ui_grpc.pb.go:59:41: undefined: grpc.StaticMethod
ui/protocol/ui_grpc.pb.go:69:41: undefined: grpc.StaticMethod
ui/protocol/ui_grpc.pb.go:79:41: undefined: grpc.StaticMethod
ui/protocol/ui_grpc.pb.go:111:41: undefined: grpc.StaticMethod
make: *** [Makefile:21: opensnitchd] Error 1

Worked around by pinning to previous version as suggested upstream.

https://github.com/evilsocket/opensnitch/issues/1142

@@ -105,7 +105,7 @@ build() {
   export GOFLAGS="-buildmode=pie -trimpath -ldflags=-linkmode=external -mod=mod"
   export PATH=${PATH}:${GOPATH}/bin
   go install github.com/golang/protobuf/protoc-gen-go
-  go install google.golang.org/grpc/cmd/protoc-gen-go-grpc
+  go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.3.0
   pushd proto
   make
   popd

Note: I had to remove the cached source to make go download the correct version.

abarbarian commented on 2023-07-22 12:42 (UTC)

Fails to build

/opensnitch-git/PKGBUILD: line 70: go: command not found ==> ERROR: A failure occurred in prepare(). Aborting... :: failed to verify integrity or prepare opensnitch-git package

Line 70 go clean -modcache

No idea how to fix that. :-(