Is there a firewall solution for Linux that will notify me of any connections that other processes try to establish, and let me allow/deny each connection manually?
I would like to get more concious about which tools are connecting to the internet, and how often.
You are looking for an outbound firewall
Like the others recommended
OpenSnitch has multiple detection ways, eBPF might require activation in the kernel, there are others too, 4 in total
For me on NixOS it worked in eBPF and proc mode. NixOS’ weird binary placement makes rules less secure I guess as it can only check commands (if it were nix-native it could use a function for that)
And I had tons of "unknown process"es which I needed to allow to not break things, which kinda makes the thing useless