-
-
Notifications
You must be signed in to change notification settings - Fork 306
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve detection some network programs when using systemd-resolved #1379
Comments
I found a example code: how to read the cmdline of the process in Kernel This is as expected. |
You can even create a new profile with a process fingerprint to match based on the command line if you want. Press the plus on the right for a quick start into that. |
Thanks, I was blind.
|
We don't yet parse See https://github.com/safing/portmaster/blob/develop/network/proc/tables.go |
Today, I know that When I try to switch from Sorry for the confusion. I have a question, which of the two DNS resolvers (openresolv vs. systemd-resolved) would you recommend? Edit: It looks like that the |
What you are looking at here are DNS requests, not the actual ICMP message. You do not see DNS requests when using systemd-resolved, because the requests do not go over the "wire", but go through the DBUS interface, so there is no network packet from the ping process for DNS resolution. |
Thanks! I disabled systemd-resolved. |
What would you like to add or change?:
I notice that Opensnitch can detect a network-binary such as/usr/bin/ping
whenping
is executed and its detail is stored in Opensnitch, but Portmaster does not.I notice that Portmaster does not detect a network-binary such as
/usr/bin/ping
when usingsystemd-resolved
instead ofopenresolv
on any Arch based distros.I would like to see cmdline in detail of any app, for example:
When I ran
curl --silent --fail --connect-timeout 8 www.google.com
, Opensnitch shows the detail:Screenshot of Opensnitch:
The detail of cmdline lacks in Portmaster except the process-name.
The text was updated successfully, but these errors were encountered: