by figglestar 1543 days ago
> monitor all outbound network connections with a gui prompt that defaults to deny. whitelist trusted domains/ip for a better experience and a bit less security.

> bonus points if the filtering happens upstream at a router or wireguard host so a compromised machine cannot easily disable filtering.

Is it possible to combine these two with open/tinysnitch somehow? It'd be nice to easily build a whitelist but with the way Windows works I couldn't trust any firewall that was running on Windows itself.

1 comment

filtering upstream is easy, just send all traffic to a linux wireguard server and run a snitch there. getting the gui prompt is a bit trickier. for maximum trust, that gui should probably be on another device than the original machine. i.e. a push notification to your phone.
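
The upstream half of the setup discussed above, as an added example that is not part of the thread: a default-deny nftables ruleset for the Linux WireGuard host, so the allowlist is enforced off the client machine. The interface name `wg0`, the table and set names, and the documentation-range addresses are assumptions made for illustration.

```nftables
# Added example: load on the WireGuard host with `nft -f <file>`.
# Assumed names: wg0 (tunnel interface), wg_egress, allow_v4.
# Addresses are constructed samples from the documentation ranges.
table inet wg_egress {
    set allow_v4 {
        type ipv4_addr
        flags interval
        elements = { 192.0.2.10, 198.51.100.0/24 }
    }

    chain forward {
        # Default deny for everything this host forwards,
        # including IPv6, since no rule below accepts it.
        type filter hook forward priority 0; policy drop;

        # Return traffic for flows that were already allowed.
        ct state established,related accept

        # New flows from VPN peers: allowlisted destinations only.
        iifname "wg0" ip daddr @allow_v4 accept

        # Anything else from a peer is logged, counted and dropped.
        # The log lines are the raw material for growing the allowlist.
        iifname "wg0" log prefix "wg-egress-deny: " counter drop
    }
}
```

Because the set is keyed on IP addresses, the resolver the peers use has to be in it as well, and the logged denials have to be reviewed on the host or forwarded to another device, not to the filtered machine.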