Find a file
2023-10-02 16:51:20 +02:00
.github Issue Mgmt: Add label actions config 2023-08-30 13:57:10 +02:00
broadcasts Unify and improve country info 2023-08-28 15:26:26 +02:00
cmds Bump core version 2023-10-02 16:51:20 +02:00
compat Improve timeouts of compatibility check 2023-08-04 14:09:53 +02:00
core Fix error log when no logs exist 2023-09-14 16:31:59 +02:00
detection/dga Fix tests and linters 2022-02-02 12:48:42 +01:00
firewall Improve string operations and use new call limiter in network/proc 2023-09-28 15:07:19 +02:00
intel Improve entity metadata initialization 2023-09-06 11:07:31 +02:00
nameserver Add internal metric IDs, add nameserver request metric 2023-09-05 14:44:40 +02:00
netenv Unify and improve country info 2023-08-28 15:26:26 +02:00
netquery Fix panic in toSQLConditionClause when no values are provided 2023-09-21 14:20:23 +02:00
network Improve string operations and use new call limiter in network/proc 2023-09-28 15:07:19 +02:00
process Improve IP/Port parsing 2023-09-06 11:08:02 +02:00
profile Disable profile ID migration 2023-09-19 15:45:03 +02:00
resolver Stop forcing using system resolvers for connectivity domains 2023-09-19 10:05:21 +02:00
status Update Go, deps and linter 2022-08-30 16:13:26 +02:00
ui Fix fs error handling 2022-10-11 14:49:06 +02:00
updates Update for changed DownloadUpdates method signature 2023-10-02 16:06:10 +02:00
.ci-inject-internal-deps.sh Add SPN integration 2020-08-06 21:36:43 +02:00
.gitattributes Add testing and CI integration 2019-10-25 13:36:11 +02:00
.gitignore Update netquery to support history module 2023-07-20 16:24:13 +02:00
.golangci.yml Update golangci-lint config 2023-07-20 14:05:29 +02:00
.travis.yml Fix install cmd 2020-04-09 17:03:12 +02:00
AUTHORS Add AUTHORS notice 2019-01-24 15:58:58 +01:00
CODE_OF_CONDUCT.md Add CoC [off topic] 2019-10-25 13:36:32 +02:00
go.mod Update deps 2023-10-02 16:36:27 +02:00
go.sum Update deps 2023-10-02 16:36:27 +02:00
Gopkg.lock Fix slow nfq shutdown 2020-12-21 14:55:33 +01:00
Gopkg.toml Fix slow nfq shutdown 2020-12-21 14:55:33 +01:00
LICENSE Create LICENSE 2019-01-24 15:46:02 +01:00
pack Update pack scripts 2020-11-24 16:47:01 +01:00
README.md Update README 2023-08-21 14:21:25 +02:00
test Disable cross compiling in test script 2023-05-08 13:23:18 +02:00
TESTING.md Add wip testing guide 2021-12-06 15:17:53 +01:00
TRADEMARKS Add TRADEMARKS notice 2019-01-24 16:33:00 +01:00

Get Peace of Mind
with Easy Privacy

Portmaster is a free and open-source application firewall that does the heavy lifting for you. Restore privacy and take back control over all your computer's network activity.

With great defaults your privacy improves without any effort. And if you want to configure and control everything down to the last detail - Portmaster has you covered too. Developed in the EU 🇪🇺, Austria.

Portmaster User Interface

Features

  1. Monitor All Network Activity
  2. Automatically Block Trackers & Malware
  3. Secure Your DNS Requests by Default
  4. Create Your Own Rules
  5. Set Global & perApp Settings
  6. FAQ

Download for Free

About Safing

As Seen on:

It's FOSS         ghacks.net     Techlore     Lifehacker

Technical Introduction

Portmaster is a privacy suite for your Windows and Linux desktop.

Base Technology

  • Portmaster integrates into network stack using nfqueue on Linux and a kernel driver (WFP) on Windows.
  • Packets are intercepted at the raw packet level - every packet is seen and can be stopped.
  • Ownership of connections is found using eBPF and /proc on Linux and a kernel driver and the IP Helper API (iphlpapi.dll) on Windows.
  • Most settings can be defined per app, which can be matched in different ways.
  • Support for special processes with weird or concealed paths/actors:
    • Snap, AppImage and Script support on Linux
    • Windows Store apps and svchost.exe system services support on Windows
  • Everything is 100% local on your device. (except the SPN, naturally)
    • Updates are fully signed and downloaded automatically.
    • Intelligence data (block lists, geoip) is downloaded and applied automatically.
  • The Portmaster Core Service runs as a system service, the UI elements (App, Notifier) run in user context.
  • The main UI still uses electron as a wrapper :/ - but this will change in the future. You can also open the UI in the browser

Feature: Secure DNS

  • Portmaster intercepts "astray" DNS queries and reroutes them to itself for seamless integration.
  • DNS queries are resolved by the default or configured DoT/DoH resolvers.
  • Full support for split horizon and horizon validation to defend against rebinding attacks.

Feature: Privacy Filter

  • Define allowed network scopes: Localhost, LAN, Internet, P2P, Inbound.
  • Easy rules based on Internet entities: Domain, IP, Country and more.
  • Filter Lists block common malware, ad, tracker domains etc.

Feature: Network History ($)

  • Record connections and their details in a local database and search all of it later
  • Auto-delete old history or delete on demand

Feature: Bandwidth Visibility ($)

  • Monitor bandwidth usage per connection and app

Feature: SPN - Safing Privacy Network ($)

  • A Privacy Network aimed at use cases "between" VPN and Tor.
  • Uses onion encryption over multiple hops just like Tor.
  • Routes are chosen to cover most distance within the network to increase privacy.
  • Exits are chosen near the destination server. This automatically geo-unblocks in many cases.
  • Exclude apps and domains/entities from using SPN.
  • Change routing algorithm and focus per app.
  • Nodes are hosted by Safing (company behind Portmaster) and the community.
  • Speeds are pretty decent (>100MBit/s).

Further Readings:

Documentation

All details and guides live in the dedicated wiki