Ping do not display a OpenSnitch notification

[BobSquarePants]

From the terminal launching a ping -4ac 1 192.168.1.7

Do not trigger an OpenSnitch notification.

• OpenSnitch version. 1.6.0rc2
• OS: [e.g. Debian GNU/Linux, ArchLinux, Slackware, ...] Devuan
• Version [e.g. Buster, 10.3, 20.04] Devuan 4 , aka chimaera
• Window Manager: [e.g. GNOME Shell, KDE, enlightenment, i3wm, ...] XFCE4
• Kernel version: echo $(uname -a) 5.10

[BobSquarePants]

I've tried also with the version 1.5.2

it's does the same. (fresh install) no rules inside OpenSnitch.

When I close the GUI, the ping -4ac 1 192.168.1.7 work back directly

[gustavo-iniguez-goya]

That's the expected behaviour. We don't intercept ICMP packets.

If you ping a domain then yes, because prior to sending an ICMP packet it needs to resolve the domain.

[BobSquarePants]

Thanks @gustavo-iniguez-goya , but I realize to mention that the ping fail when the GUI is running. Is that expected ?

[gustavo-iniguez-goya]

yes, the daemon doesn't intercept those packets, so it doesn't send a notification to the GUI. Since ICMP is very important for many things, that's why we allow it by default via a system fw rule.

That's why it's the expected behaviour (as of today).

[BobSquarePants]

Ahhh ok ! The daemon doesn't catch them...

I think you should let the choice to the user..

For me I found it important to be able to allow/disable when I need.

[gustavo-iniguez-goya]

added icmp/icmp6 supprort: https://github.com/evilsocket/opensnitch/commit/50217afc9fe28c60b7d59cc9569644abdf749a3d

it'll be available on next 1.6.0 rc.