group of rules based on the current network

[SubOptimal]

Is there way to group rules based on the network, either automatically or manual?

Assume a laptop which can be connected to different networks, e.g. home, friend, public.

connected to my home WiFi

• I might allow many permanent rules for connections outgoing/incoming

connected to a friends WiFi

• I would allow only some permanent rules for connections outgoing/incoming, e.g. disable connection attempts to my home calendar, Cups server, and would allow browser connections
• all other connections are allowed by a temporary rule

connected to a public WiFi

• I would allow only temporary connections outgoing

For the moment I prefix all permanent rules either with home or friend to be able to sort them accordingly, select them on block, and to enable/disable them.

• Is there already a better way implemented?
• Is there an option like "after network up, everything is denied and all rules are disabled, and the user need to confirm which rules should be enabled"?

[gustavo-iniguez-goya]

hi @SubOptimal !

Not yet. There's a feature request that shouldn't take us much to implement #1078 but I can't provide an ETA

Is there already a better way implemented?
Is there an option like "after network up, everything is denied and all rules are disabled, and the user need to confirm which rules should be enabled"?

Unfortunately no (to both questions). To react to different events we should intercept more events (iface up/down, IP added/removed, process start listening on a port, etc, etc...) and then apply rules on those events. I worked on that direction, but this specific feature will take time to be added.

[SubOptimal]

Hi @gustavo-iniguez-goya,

thanks for your answer. Seems I did not searched carefully enough through issue.