This is a C# CLI application that acts as a modern OpenSnitch UI. It listens for connections from the OpenSnitch daemon (opensnitchd) and displays received messages in a rich, interactive Terminal User Interface (TUI).
- Live Connection Monitoring: Real-time streaming of all network activity.
- Rule Management: Dedicated tab to list all active daemon rules.
- Interactive Prompts: Popup dialogs for new/unknown connections.
- Custom Rule Creation: Advanced dialog to match on Path, Comm, Host, IP, Port, or UID.
- Rule Editing: Modify Action, Duration, and Data of existing rules on the fly.
- Rule Deletion: Remote deletion of rules from the daemon with confirmation.
- Multi-column Sorting: Sort by any column (s/S) with secondary "Newest First" logic.
- Process Details: Deep inspection of PID, Path, User, and Command Line args.
- Reverse DNS Resolution: Background lookups via local system DNS.
- User Resolution: Automatic mapping of UIDs to local system usernames.
- Container & Daemon Detection: Visual indicators for Namespaces/Containers (📦) and System Services (⚙️).
- Quick Navigation: Jump directly from a connection event to its applying rule ('j' key).
- Theme Support: 15+ color schemes including OneDark, TokyoNight, Kanagawa, RosePine, and Cobalt2. Supports HEX colors (#RRGGBB).
- Live Theme Editor: Interactive dialog (press e in Connections tab) to customize colors live with dropdown selection.
- Persistent Settings: Save and load UI state (theme, sort, filter, limit) via
~/.config/opensnitch-cli/config.json. - Manual Configuration Save: Use
Ctrl+Sto save current settings with a confirmation dialog. - Packaging Support: Automated generation of RPM, DEB, and AppImage packages via containerized builds.
- Notification System: System beep on prompt to grab attention (rate-limited).
- Global Search/Filtering: Real-time filtering of connection or rule lists, including full-path filtering.
- Dynamic Layout: Column auto-sizing for addresses and flexible "Program" column that absorbs remaining space.
- Daemon Config: Manage daemon-wide settings (InterceptUnknown, etc.) via UI.
- Firewall Viewer: Display system-level nftables/iptables chains and rules.
- Statistics Charts: Real-time graphing of connections and rule hits.
- Rule Export/Import: Backup and restore rules to/from files.
- .NET 8.0 SDK (or later)
- Dual TUI Modes:
- Terminal.Gui v2 Mode (Default): Full interactive grid with tabs, sorting, themes, and rule management.
- Spectre.Console Mode (
--tui): A high-performance, beautiful streaming view with fixed details pane.
- Global Hotkeys: Responsive controls ('q', '0', 's', 'j', 'e', 'd', 'c', 'r', 'Ctrl+S') that work regardless of current focus.
- Advanced Theme System: Support for HEX colors and 40+ named colors. Includes a built-in live editor for real-time customization.
- Persistent Configuration: Automatically loads settings from
~/.config/opensnitch-cli/config.json. Supports manual saving viaCtrl+S. - Smart Data Resolution: DNS and User mappings handled automatically in the background.
- Enhanced Process Context: Deep inspection of
/procand cgroups to identify Docker, Podman, LXC, Flatpak, Snap, and system daemons.
- Ensure the official OpenSnitch UI is NOT running, as this application needs to bind to
/tmp/osui.sock(Unix socket). - Navigate to the project root or
OpenSnitchClidirectory.
Generated packages can be found in the publish/ directory after running ./publish.sh.
sudo apt install ./opensnitch-cli_1.4.0_amd64.debsudo dnf install ./opensnitch-cli-1.4.0-1.x86_64.rpmThe AppImage is a portable single-file executable that runs on most distributions.
chmod +x OpenSnitch_CLI-1.4.0-x86_64.AppImage
./OpenSnitch_CLI-1.4.0-x86_64.AppImagecd OpenSnitchCli
dotnet run./OpenSnitch_CLI-1.4.0-x86_64.AppImagedotnet run -- --cfg my-config.json
# OR if installed:
opensnitch-cli --cfg my-config.jsondotnet run -- --gen-cfg./publish.shcd OpenSnitchCli
dotnet run -- --tuicd OpenSnitchCli
dotnet run -- --dumpcd OpenSnitchCli
dotnet run -- --helpBy default, the application:
- Starts a gRPC server on
127.0.0.1:50052. - Starts an internal UDS Proxy that bridges
/tmp/osui.sockto the TCP port, ensuring compatibility with the daemon.
| Key | Action |
|---|---|
| Arrow Keys | Navigate through the lists. |
| q | Quit the application. |
| f | Focus the Filter bar (Connections: Process, Rules: Name). |
| Ctrl + s | Save current settings to configuration file. |
| 0 | Cycle through visual themes. |
| s | Cycle sorting column. |
| S (Shift+S) | Toggle sort direction. |
| l | Cycle event history limit (50 - 1000). |
| c | Switch to Connections tab. |
| r | Switch to Rules tab. |
| j | Jump to the rule applying to selected connection (Connections Tab). |
| p | Toggle full process command args in "Program" column (Connections Tab). |
| t | Toggle selected rule Enabled/Disabled (Rules Tab). |
| e | Open Theme Editor (Connections Tab) or Edit Rule (Rules Tab). |
| d | Delete the selected rule (Rules Tab). |
| ? | Show Help dialog. |
- Icon Visibility: If you don't see 📦 or ⚙️ icons, ensure your terminal supports UTF-8 and its font includes emoji glyphs. Note that daemon and container detection requires permissions to read
/procfiles; running the CLI withsudois recommended for full accuracy. - Crash Logs: If the application crashes, check
opensnitch_tui_debug_*.login your temp directory for detailed logs. - No Events: Ensure
opensnitchdis running (sudo systemctl status opensnitch). Verify no other process is using/tmp/osui.sock.