-
-
Notifications
You must be signed in to change notification settings - Fork 127
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Trusting domain vs HTTP block #1451
Comments
Essentially, the ask is to support port-numbers for domain rules? |
|
We've implemented this in
We are in two minds about supporting this. There are no technical issues here but just that enforcing a domain name rule with no port number will have to behave drastically differently than when specified with a port number1, which might confuse users. Footnotes
|
Thank you very much. I will update as soon as it lands on F-droid.
I wrote this for completeness while bug-reporting, but I do not need this personally. I was thinking in general about any users that potentially relied on the domain rule allowing port 80 and now (since v055l) will have no way to access port 80. |
OpenSnitch has one single list of rules (screenshot 1). A rule can provide an IP, and/or domain, and/or port, and/or app, ... Although the name sounds like "allow google.com" for ease of reading, the rule is a generic predicate ( It seems that OpenSnitch has already encountered the problem that similar-looking things behave differently, but I do not know how they deal with it exactly. For Rethink, maybe one list of rules, and a colored badge on each rule, to self-identify as "triggered at the DNS level" vs connection level. |
Thanks.
true, but there's a laundry list of things (enough to keep us busy for 2 years) already left to work on before this particular power-user feature should get implemented? (: |
I updated to v0.5.5L from F-droid and rebooted the phone. I set Fennec to Isolated, but unfortunately I can still browse HTTP-only websites that I add to the trust list. I double-checked that the Universal rule is set. I am on Samsung Android 7.1. |
This also applies to the IP address: Fennec can connect to my home PC (where I run |
Sorry, we undid the change in We're thinking of either bringing in |
I cannot block port 80 while trusting a domain. Also, a trust rule for
my_domain_here.com:80
seems ineffective, but the GUI accepts it.+
button and type a rule formy_domain_here.com:80
.What about changing the logic to block the port 80 even if there is a trust rule? Then the app could introduce support for the syntax
domain.com:80
, to whitelist the port.The text was updated successfully, but these errors were encountered: