RE: can we find a solution to bug #820895 (show Process Name in log files) (imaginative solution/description presented)?

2012-01-26 Thread nick rundy

Yes, good insights, Robbie.

Just to be clear, I'm not asking that an application-firewall (as Jason Todd 
was speaking of) be created to solve this problem.  I'm totally fine with a 
solution that doesn't involve a firewall. It's just that an application 
firewall allows me to solve this problem when I use Windows, so it is the only 
base of reference I have to speak to.

I simply am asking that some way be created to give users a user-friendly, 
in-your-face way to learn/discover/record/log what applications and/or 
system-processes are making internet connections and/or are being blocked from 
making internet connections (e.g., by GUFW when it is set to block outgoing 
connections). 

One way to solve this problem (as envisioned in my imagination without any 
insight into the technical feasibility of it) would be to design some sort of 
"Indicator" that appears on the titlebar of an application's window. For 
example, in the upper right corner of the titlebar, an internet-connection-icon 
would display if the app is trying to connect or is actually connected to the 
internet. If the app is not connecting nor trying to connect to the internet 
then this icon would change its appearance.  This Indicator would solve my 
problem because it provides a user-friendly, in-your-face, understandable way 
for users to quickly ascertain the "internet-connection-state" and 
"internet-connection-behavior" of an application.

Here's an example of how this can be directly used in the real world: first, 
say I use a Mobile Broadband internet connection that only gets so much GB a 
month. And to try to conserve bandwidth I only want internet connections that I 
deem "worthwhile" to occur. If I ONLY use Rhythmbox to play MP3s that live on 
my hard drive, I do not need (nor want) Rhythmbox to make an internet connection 
when I open and use the application. All I'm using it for is to play MP3s from 
my hard drive. What does it need to connect to the internet for? So I need an 
easy and "in your face" way to discover if & when Rhythmbox is making an 
internet connection. If I open Rhythmbox and start playing an MP3 and notice 
that Rhythmbox is making an internet connection, then I know that I need to go 
into the Rhythmbox settings and configure it to NOT make those internet 
connections. If Rhythmbox's settings do not allow for such configuration, I 
know that I should select a different application for playing my music with 
(i.e., one that does allow such configuration). 

To further support my case, I offer that with Ubuntu One and other cloud 
services growing in popularity, I think it makes sense for users to have a 
user-friendly way to be able to keep abreast of the "internet-connection-state" 
and "internet-connection-behavior" of their applications & system.


Thank you so much for reading/listening to my concerns on this issue. I hope I 
have been clear in my descriptions :-)



> Date: Thu, 26 Jan 2012 15:30:52 -0600
> From: rob...@ubuntu.com
> To: jtodd...@hotmail.com
> CC: nru...@hotmail.com; ubuntu-devel-discuss@lists.ubuntu.com
> Subject: Re: can we find a solution to bug #820895 (show Process Name in log 
> files)?
> 
> Seems to be 2 separate issues in this thread:
> 
> 1) Our system logging for firewall issues only logs PIDs via iptables
> with no program name.  Given other applications like netstat and nethogs
> can do this, I think it's something we should try and work with upstream
> to address. (my $0.02)
> 
> 2) Users can't firewall based on applications.  I could be completely
> wrong here, but I believe AppArmor[1] provides this functionality via
> profiles.  While not as simple as adding an application to a list, it
> might be an alternative solution until there's an easier way to do this.
> 
> http://manpages.ubuntu.com/manpages/hardy/man5/apparmor.d.5.html
> 
> -Robbie
> 
> On 01/26/2012 02:51 PM, Jason Todd wrote:
> > Nick, the package is called "acct" all by itself.
> > IMHO it will not solve the problem you are facing. I have tried it and
> > it is not "user-friendly" compared to what you are used to. I have
> > watched numerous people go back to Windows largely because of user
> > frustration/inability to discover/control what applications can and
> > cannot internet connect.  I remember reading one review of ubuntu where
> > the reviewer hooked up some friends with 11.04 to get their opinions.
> > One of the things the friends complained about was only having control
> > of ports (and not applications) in the firewall. I could have sworn it
> > was at tomshardware.com. I've searched but can't find the review. It was
> > back around the time 11.04 came out.
> > The way Linux deals with applications and internet connections has not
> > evolved to a consumer-desktop-level. In an age where privacy and
> > security are very important, it's going to need to address this to gain
> > more users. I was sad to see Bug 820895 marked as Won't Fix.
> > 
> > I personally tried to get my friend to start 

Re: can we find a solution to bug #820895 (show Process Name in log files)?

2012-01-26 Thread Robbie Williamson
Seems to be 2 separate issues in this thread:

1) Our system logging for firewall issues only logs PIDs via iptables
with no program name.  Given other applications like netstat and nethogs
can do this, I think it's something we should try and work with upstream
to address. (my $0.02)

2) Users can't firewall based on applications.  I could be completely
wrong here, but I believe AppArmor[1] provides this functionality via
profiles.  While not as simple as adding an application to a list, it
might be an alternative solution until there's an easier way to do this.

http://manpages.ubuntu.com/manpages/hardy/man5/apparmor.d.5.html

-Robbie

On 01/26/2012 02:51 PM, Jason Todd wrote:
> Nick, the package is called "acct" all by itself.
> IMHO it will not solve the problem you are facing. I have tried it and
> it is not "user-friendly" compared to what you are used to. I have
> watched numerous people go back to Windows largely because of user
> frustration/inability to discover/control what applications can and
> cannot internet connect.  I remember reading one review of ubuntu where
> the reviewer hooked up some friends with 11.04 to get their opinions.
> One of the things the friends complained about was only having control
> of ports (and not applications) in the firewall. I could have sworn it
> was at tomshardware.com. I've searched but can't find the review. It was
> back around the time 11.04 came out.
> The way Linux deals with applications and internet connections has not
> evolved to a consumer-desktop-level. In an age where privacy and
> security are very important, it's going to need to address this to gain
> more users. I was sad to see Bug 820895 marked as Won't Fix.
> 
> I personally tried to get my friend to start using ubuntu. But he grew
> frustrated with no application firewall capabilities. He posted in the
> ubuntu-forums on the issue and it generated a long discussion but
> ultimately turned into a big mess where lots of ubuntu users were
> calling him an idiot and saying that Windows uses an application
> firewall because Windows sucks. The thread was closed and my friend went
> back to Windows feeling like ubuntu is only for programmers and everyone
> that uses Ubuntu thinks he's stupid cause he wanted an application firewall.
> 
> 
> From: nru...@hotmail.com
> To: ps...@ubuntu.com; ubuntu-devel-discuss@lists.ubuntu.com
> Subject: RE: can we find a solution to bug #820895 (show Process Name in
> log files)?
> Date: Thu, 26 Jan 2012 10:16:22 -0500
> 
> Philip, thanks for your reply. I greatly appreciate it. You said,
> 
> >>>If you don't like the connections a program makes, then configure it
> not to do so. If you can't do that, then don't run such a bad program.>>>
> 
> This is what I'm trying to do on Ubuntu! :)   If I can't log the process
> name, how do I learn what connections a program is making so that I can
> configure that program to not make those connections? You see the problem?
> 
> For over a year I have been struggling (on Ubuntu) with a way to
> identify the connections programs are making so that I can do what you
> say: configure it not to make those connections or to uninstall the
> program if I deem it a "bad program." This is a non-issue on Microsoft
> Windows because I can easily identify connections programs are making
> and I can KNOW the comings and goings on my computer as it is all logged
> with Application Name in the firewall log. One of the criteria I use to
> select which applications I install and run is "internet connection
> behavior." It has been very difficult selecting applications I prefer in
> Ubuntu because I am forced to sit and watch netstat while trying to
> accomplish things. What I have ended up doing is (when available)
> installing the same program on Windows, studying the firewall log in
> Windows and then deeming it a "good" or "bad" program for use in Ubuntu.
> So I am still seeking a solution on Ubuntu. If there's some other way to
> accomplish what I'm after (than using a Firewall Log), I will use it.
> But I have yet to find as reasonable a solution on Ubuntu. As others
> have remarked in forums etc, this is becoming an increasing priority in
> order to manage Mobile Broadband internet connection usage as the
> accounts come with bandwidth caps where users are charged a lot of extra
> money if they exceed the caps.
> 
> I will investigate using acct package, is this the name ("acct" or "acct
> package") I should search for in Synaptic? I have not tried this as a
> solution and really appreciate your suggestion.
> 
> 
> 
>> Date: Wed, 25 Jan 2012 19:55:18 -0500
>> From: ps...@ubuntu.com
>> To: nru...@hotmail.com
>> CC: ubuntu-devel-discuss@lists.ubuntu.com
>> Subject: Re: can we find a solution to bug #820895 (show Process Name
>> in log files)?
>>
>> On 01/25/2012 06:22 PM, nick rundy wrote:
>>> Is there anything that can be done to create some way for Ubuntu
>>> users to 

RE: can we find a solution to bug #820895 (show Process Name in log files)?

2012-01-26 Thread Jason Todd

Nick, the package is called "acct" all by itself.
IMHO it will not solve the problem you are facing. I have tried it and it is 
not "user-friendly" compared to what you are used to. I have watched numerous 
people go back to Windows largely because of user frustration/inability to 
discover/control what applications can and cannot internet connect.  I remember 
reading one review of ubuntu where the reviewer hooked up some friends with 
11.04 to get their opinions. One of the things the friends complained about was 
only having control of ports (and not applications) in the firewall. I could 
have sworn it was at tomshardware.com. I've searched but can't find the review. 
It was back around the time 11.04 came out. 
The way Linux deals with applications and internet connections has not evolved 
to a consumer-desktop-level. In an age where privacy and security are very 
important, it's going to need to address this to gain more users. I was sad to 
see Bug 820895 marked as Won't Fix.

I personally tried to get my friend to start using ubuntu. But he grew 
frustrated with no application firewall capabilities. He posted in the 
ubuntu-forums on the issue and it generated a long discussion but ultimately 
turned into a big mess where lots of ubuntu users were calling him an idiot and 
saying that Windows uses an application firewall because Windows sucks. The 
thread was closed and my friend went back to Windows feeling like ubuntu is 
only for programmers and everyone that uses Ubuntu thinks he's stupid cause he 
wanted an application firewall.

From: nru...@hotmail.com
To: ps...@ubuntu.com; ubuntu-devel-discuss@lists.ubuntu.com
Subject: RE: can we find a solution to bug #820895 (show Process Name in log
files)?
Date: Thu, 26 Jan 2012 10:16:22 -0500

Philip, thanks for your reply. I greatly appreciate it. You said,

>>>If you don't like the connections a program makes, then configure it not
 to do so.  If you can't do that, then don't run such a bad program.>>>

This is what I'm trying to do on Ubuntu! :)   If I can't log the process name, 
how do I learn what connections a program is making so that I can configure 
that program to not make those connections? You see the problem? 

For over a year I have been struggling (on Ubuntu) with a way to identify the 
connections programs are making so that I can do what you say: configure it not 
to make those connections or to uninstall the program if I deem it a "bad 
program." This is a non-issue on Microsoft Windows because I can easily 
identify connections programs are making and I can KNOW the comings and goings 
on my computer as it is all logged with Application Name in the firewall log. 
One of the criteria I use to select which applications I install and run is 
"internet connection behavior." It has been very difficult selecting 
applications I prefer in Ubuntu because I am forced to sit and watch netstat 
while trying to accomplish things. What I have ended up doing is (when 
available) installing the same program on Windows, studying the firewall log in 
Windows and then deeming it a "good" or "bad" program for use in Ubuntu. So I 
am still seeking a solution on Ubuntu. If there's some other way to accomplish 
what I'm after (than using a Firewall Log), I will use it. But I have yet to 
find as reasonable a solution on Ubuntu. As others have remarked in forums etc, 
this is becoming an increasing priority in order to manage Mobile Broadband 
internet connection usage as the accounts come with bandwidth caps where users 
are charged a lot of extra money if they exceed the caps.

I will investigate using acct package, is this the name ("acct" or "acct 
package") I should search for in Synaptic? I have not tried this as a solution 
and really appreciate your suggestion.



> Date: Wed, 25 Jan 2012 19:55:18 -0500
> From: ps...@ubuntu.com
> To: nru...@hotmail.com
> CC: ubuntu-devel-discuss@lists.ubuntu.com
> Subject: Re: can we find a solution to bug #820895 (show Process Name in log 
> files)?
> 
> On 01/25/2012 06:22 PM, nick rundy wrote:
> > Is there anything that can be done to create some way for Ubuntu
> > users to get the capability of having a static record of what
> > application/s made an outgoing connection?
> 
> That would require a change to the iptables kernel module that implements 
> process based rules.  Last I saw, it wasn't really maintained because the 
> whole concept is considered broken by design.  In other words, you shouldn't 
> be setting rules based on processes.  
> 
> Needing an external firewall to control network activity of a program in the 
> first place is the result of using badly behaved closed source programs, and 
> so it is largely a non-issue for the open source community.
> 
> > The capability to log "process names" has been requested by numerous
> > users over the years, here's some links:
> 
> If you want to log what processes are run and when in general, th

Subject: can we find a solution to bug #820895 (show Process Name in log files)?

2012-01-26 Thread Vernon Cole
> Date: Wed, 25 Jan 2012 18:22:13 -0500
> From: nick rundy
> To:
> Subject: can we find a solution to bug #820895 (show Process Name in
> log files)?
>
> A lot of people want to have a log of the outgoing internet connections of
> applications (or at least a log of what applications are blocked by a
> firewall). Unless users are willing to sit and stare at the monitor while
> connections occur every second they are on their computer, users have no
> way of learning what apps are making outgoing connections on their
> computers (or being blocked from making connections). If the capability
> doesn't exist in the current software, can't it be created or added to it?
> 
> 
>
I use wireshark to track my Internet activity. You can either run it on the
development machine, or run an Ubuntu router.
-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss


RE: can we find a solution to bug #820895 (show Process Name in log files)?

2012-01-26 Thread nick rundy

Philip, thanks for your reply. I greatly appreciate it. You said,

>>>If you don't like the connections a program makes, then configure it not
 to do so.  If you can't do that, then don't run such a bad program.>>>

This is what I'm trying to do on Ubuntu! :)   If I can't log the process name, 
how do I learn what connections a program is making so that I can configure 
that program to not make those connections? You see the problem? 

For over a year I have been struggling (on Ubuntu) with a way to identify the 
connections programs are making so that I can do what you say: configure it not 
to make those connections or to uninstall the program if I deem it a "bad 
program." This is a non-issue on Microsoft Windows because I can easily 
identify connections programs are making and I can KNOW the comings and goings 
on my computer as it is all logged with Application Name in the firewall log. 
One of the criteria I use to select which applications I install and run is 
"internet connection behavior." It has been very difficult selecting 
applications I prefer in Ubuntu because I am forced to sit and watch netstat 
while trying to accomplish things. What I have ended up doing is (when 
available) installing the same program on Windows, studying the firewall log in 
Windows and then deeming it a "good" or "bad" program for use in Ubuntu. So I 
am still seeking a solution on Ubuntu. If there's some other way to accomplish 
what I'm after (than using a Firewall Log), I will use it. But I have yet to 
find as reasonable a solution on Ubuntu. As others have remarked in forums etc, 
this is becoming an increasing priority in order to manage Mobile Broadband 
internet connection usage as the accounts come with bandwidth caps where users 
are charged a lot of extra money if they exceed the caps.

I will investigate using acct package, is this the name ("acct" or "acct 
package") I should search for in Synaptic? I have not tried this as a solution 
and really appreciate your suggestion.



> Date: Wed, 25 Jan 2012 19:55:18 -0500
> From: ps...@ubuntu.com
> To: nru...@hotmail.com
> CC: ubuntu-devel-discuss@lists.ubuntu.com
> Subject: Re: can we find a solution to bug #820895 (show Process Name in log 
> files)?
> 
> On 01/25/2012 06:22 PM, nick rundy wrote:
> > Is there anything that can be done to create some way for Ubuntu
> > users to get the capability of having a static record of what
> > application/s made an outgoing connection?
> 
> That would require a change to the iptables kernel module that implements 
> process based rules.  Last I saw, it wasn't really maintained because the 
> whole concept is considered broken by design.  In other words, you shouldn't 
> be setting rules based on processes.  
> 
> Needing an external firewall to control network activity of a program in the 
> first place is the result of using badly behaved closed source programs, and 
> so it is largely a non-issue for the open source community.
> 
> > The capability to log "process names" has been requested by numerous
> > users over the years, here's some links:
> 
> If you want to log what processes are run and when in general, then you can 
> install and configure the acct package.  You could then use the accounting 
> information to look up what process had a given pid at a given time.
> 
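The static record asked for in this thread can be approximated from user space with the same /proc lookups that netstat -p performs: read the socket table, then match each socket inode to the process holding it. This is an added example, not code from any poster in the thread; the function names and the SAMPLE_TCP / SAMPLE_OWNERS data are constructed for illustration.

```python
import os
import re
import socket
import struct

STATES = {"01": "ESTABLISHED", "02": "SYN_SENT"}  # outgoing attempt or live connection
# Constructed sample in /proc/net/tcp format (not captured from a real host).
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11111 1
   1: 0A01A8C0:C822 057100CB:0050 01 00000000:00000000 00:00000000 00000000  1000        0 22222 1
   2: 0A01A8C0:9C40 076433C6:01BB 02 00000000:00000000 00:00000000 00000000  1000        0 33333 1
"""
SAMPLE_OWNERS = {"22222": (4242, "rhythmbox")}  # constructed inode -> (pid, name)

def decode_addr(field):
    """'057100CB:0050' -> ('203.0.113.5', 80); the IPv4 part is little-endian hex."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def parse_proc_net_tcp(text):
    """Return outgoing IPv4 TCP connections as dicts, skipping listeners."""
    conns = []
    for line in text.splitlines()[1:]:
        f = line.split()
        if len(f) < 10 or f[3] not in STATES:
            continue
        conns.append({"local": decode_addr(f[1]), "remote": decode_addr(f[2]),
                      "state": STATES[f[3]], "uid": int(f[7]), "inode": f[9]})
    return conns

def socket_owners(proc="/proc"):
    """Map socket inode -> (pid, name) by reading /proc/<pid>/fd symlinks."""
    owners = {}
    for pid in filter(str.isdigit, os.listdir(proc)):
        try:
            with open(f"{proc}/{pid}/comm") as fh:
                name = fh.read().strip()
            for fd in os.listdir(f"{proc}/{pid}/fd"):
                m = re.fullmatch(r"socket:\[(\d+)\]", os.readlink(f"{proc}/{pid}/fd/{fd}"))
                if m:
                    owners[m.group(1)] = (int(pid), name)
        except OSError:  # process exited, or fd table not readable without root
            continue
    return owners

def attribute(conns, owners):
    """Render one log line per connection; '?' marks a socket with no visible owner."""
    lines = []
    for c in conns:
        pid, name = owners.get(c["inode"], ("?", "?"))
        lines.append("%s pid=%s name=%s uid=%d %s:%d -> %s:%d" % (
            c["state"], pid, name, c["uid"], *c["local"], *c["remote"]))
    return lines

if __name__ == "__main__":  # live run: read the real tables instead of the sample
    with open("/proc/net/tcp") as fh:
        print("\n".join(attribute(parse_proc_net_tcp(fh.read()), socket_owners())))
```

Run as root to see sockets owned by other users. A connection that opens and closes between two polls never appears in the output, which is the gap that kernel-side logging of the process name would close.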