Small project: outgoing connection notifier

Jan Engelhardt jengelh at
Sat Jul 7 13:27:32 CEST 2007

On Jul 7 2007 10:15, Marco Bridge wrote:
> Ciao guys, i'm a student from Switzerland
> My summer is just begun and i have a small project that would like to
> start in the following weeks, before is september again...
> The idea is to implement a small applet that notifies whenever a program
> tries to access the internet.
> For example it pops up a little window that says: "The application
> Azureus is trying to access the internet" and the user can choose
> allow/deny,  once or permanently.
> Such application exists for Mac, it is called LittleSnitch
> I'm pretty sure WinXP as it as part of the system itself.
> I didn't find something similar for Linux so it would be fun and
> interesting for me to do it.

> My thoughts about the project  are still really fuzzy, my major doubts
> regard:
> - where/how to intercept outbound connection requests from the application
> - how to temporarily suspend the connection request until user
> acknowledgment, if that's possible
> - how to understand which application made the request while the
> request is being submitted.
> I'm writing to this mailing list since you're probably the most
> competent in that...
> I never developed for Linux so i read what i found on network related
> kernel events but i still don't know where to start from...
> For example, i could write a kernel module that overrides the
> "connection request" syscall (if any) and matches my rules before
> allowing it.
> Or it could be possible to simply create what i want as an extension
> for netfilter.
> Does that make any sense?
> Any kind of pointer or suggestion to where to start from is really appreciated!
> Ciao
> Marco


More information about the netfilter-devel mailing list