Ok, thank you for a clue, I'll give it a try. The last time I checked it was clearly very far from production-ready. It still shouts "this software is a work in progress, do not expect it to be bug free and do not rely on it for any type of security" in all caps on its homepage which suggests it still is. Given all the abandoned attempts I've seen in the past I also feel very skeptical this one too.
I can give you mine, since I use(d) opensnitch for a while.
It works quite well but requires a GUI (obviously), it looks like it primarily supports GTK. If you're hoping to use the machine purely from the CLI (like, when sshing into your work machine) it won't work well.
It is significantly less powerful than LittleSnitch, some options don't exist (like, allowing access to a domain), but you get similar functionality in many cases.
Overall, it's definitely worth testing out to see if it works for you.
> If you're hoping to use the machine purely from the CLI (like, when sshing into your work machine) it won't work well.
There's no cli tool published yet. There's a PoC though that works well.
> some options don't exist (like, allowing access to a domain)
Since version 1.0.0b you can filter by domain. And in latest version by domain, ip, network, uid, port, command line, command path, cmd environment variables, protocol, or any combination of them. You can't filter by interface, but if aomeone needs it open a new issue.
> It is significantly less powerful than LittleSnitch