this post was submitted on 12 Jul 2026
164 points (98.2% liked)

Technology

86387 readers
3407 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 3 years ago
MODERATORS
top 19 comments
sorted by: hot top controversial new old
[–] heartSagan5@lemmy.zip 14 points 4 days ago

iptables and nftables are just different frontends to the netfilter kernel module.

[–] ohshit604@sh.itjust.works 19 points 4 days ago* (last edited 4 days ago) (2 children)

OpenSnitch is a nice for the desktop environment, deny by default and prompts the user when an application requests a open port, at first the prompts can get a little overwhelming given how many things want to connect to xyz server but eventually lightens up.

[–] prenatal_confusion@feddit.org -2 points 4 days ago (1 children)

I really dont like the idea that a program on my local os doing things I don't want it to do and the only thing stopping it is a software firewall.

If you don't trust the platform then you shouldn't be using it. No bandaid like antivirus or firewall can help with that.

[–] ohshit604@sh.itjust.works 7 points 4 days ago* (last edited 4 days ago) (1 children)

If you don't trust the platform then you shouldn't be using it. No bandaid like antivirus or firewall can help with that.

I mean, if you don’t have a firewall on the device itself then your router certainly does, your device requests xyz port open your router will oblige with UPNP unless explicitly denied.

The on-device firewall is just an extra step before it hits your router’s firewall anyways, I’m sure your devices have made contact with servers behind your back that you know nothing about.

[–] prenatal_confusion@feddit.org 0 points 4 days ago

I absolutely agree that additional security layers are useful and even necessary. A software firewall on the device itself just isn't one of them. For me.

[–] Jason2357@lemmy.ca -2 points 4 days ago (4 children)

Its a little annoying on Linux but I wonder what it would be like on Windows.

[–] Dnb@lemmy.dbzer0.com 9 points 4 days ago

Windows firewall already does prompt like this

[–] ohshit604@sh.itjust.works 3 points 4 days ago* (last edited 4 days ago)

The firewall is annoying? I would argue and say the firewall is protecting your computer from connecting to a rouge server, annoying or not it’s better than some douche abusing an exploit in your system.

[–] makeshift0546@lemmy.today 2 points 4 days ago* (last edited 4 days ago)

Trivial. It pops up, you click.

[–] MonkderVierte@lemmy.zip 2 points 4 days ago (1 children)

Glasswire and Tinywall(?) are like this.

[–] lemonuri@infosec.pub 2 points 4 days ago (1 children)

Simplewall works great, it's open source. And yes, there are a couple of million requests made by windows apps alone, which are completely fine to block. Simplewall also blocks windows telemetry. I have to use win11 at work and it's an absolute ahitstorm of network requests that you don't get to see when using windows firewall.

Glaswire looks beautiful and functions well, but you will hit the paywall after a couple of weeks (I used this on the around 2010 I think)

[–] MonkderVierte@lemmy.zip 1 points 4 days ago

Right, Simplewall, not Tinywall.