Hey, just throwing the idea here, don’t know anything about the technical aspect of implementing it, or if it’s even possible,
I think it would be useful to monitor the networks (from outsite the qubes), with functionnalities like Safing Portmaster to restrict the connection from programs easily.
I guess, tell me if it’s possible / what you think of it, thanks !
Yeah, that’d be nice. Obviously if done outside the qube one wouldn’t be
able anymore to tell which application requested that connection, but
you could still see all the connection requests.
Come to think of it, couldn’t one “simply” run wireshark in sys-firewall?
Also: I am running pi-hole in a dedicated qube and route DNS queries to
it. This gives me blocking on a domain level and speeds up DNS queries
(local cache + blocking everything you don’t want immediately). In my
case I have 329,786 domains blocked and when I just checked the ratio
was 56.8% off all queries got blocked. That’s without me noticing any
issues (all apps and websites work just fine). Crazy right?
Yeah it’s sad that it wouldn’t be able to isolate programs, still hoping there’s a way ^^
But it could intercept ads, trackers, analytics, telemetry… like portmaster right ?
And since portmaster is open source maybe they could straight up implement a modified version ?
But it could intercept ads, trackers, analytics, telemetry… like portmaster right ?
As I said: you can have that already using pi-hole which is doing
exactly what portmaster does (blocking based on black-list).
This blog post was very helpful when setting it up: