OpenSnitch is a rare tool in the Linux ecosystem. It is a service with a friendly graphical desktop application which assists the user in blocking network connections based on which daemon or application is making the connection attempt. Most Linux firewall tools focus on blocking access to specific network ports or remote servers. OpenSnitch focuses on which program is trying to access the network or send network traffic to remote machines. The OpenSnitch service can monitor connection attempts, let us know which processes are trying to talk over the network, and to which remote servers. It’s an interesting and powerful tool, one which I felt deserved more attention.
I personally use firewalld for just the GUI. I heard good things about OpenSnitch but never tried it.
Just tried it out and it looks really promising
I was a huge user of LittleSnitch on Mac back in the days so this makes me very happy