v1.0.2

GeoNetMon 1.0.2 — Release Notes

A critical reliability release. If you ran 1.0.0/1.0.1 with the shield enabled, please upgrade — this fixes a bug that could take your network
offline.

Critical fix: no more network blackout

Previous versions could leave you with no internet if the firewall was armed but the app window wasn't open (for example after a reboot). The
background daemon would hold every new connection waiting for an answer that never came, then deny it — and because its rules sit in front of
your normal firewall, resetting UFW or rebooting didn't help; only removing the package did.

1.0.2 makes the firewall fail open whenever the app isn't there to answer:

• If no GeoNetMon window is connected, new connections are allowed through instead of being held and denied. Your decisions (allow/block rules)
  are still enforced — only the "ask me" case gets out of the way.
• The kernel packet queue is sized so a burst of connections can't overflow and drop traffic.
• A crash in packet handling can no longer wedge the firewall.
  1.0.2 makes the firewall fail open whenever the app isn't there to answer:
• If no GeoNetMon window is connected, new connections are allowed through instead of being held and denied. Your decisions (allow/block rules) are still enforced — only the "ask me" case gets out of the way.
• The kernel packet queue is sized so a burst of connections can't overflow and drop traffic.
• A crash in packet handling can no longer wedge the firewall.

Firewall behaviour

• Closing the app (or Quit) now fully disarms the firewall — it tears down only GeoNetMon's own rules and leaves UFW untouched, and it won't silently re-arm on the next boot. App open = firewall on; close = full stop. (Enable "Run in
  background" in Preferences if you want it to keep running.)

• "Allow , any connection" now covers the whole app. Rules match on the program's executable, so an allow for Firefox/Chrome/Slack/etc. correctly covers all of that app's helper processes instead of re-prompting for each one.

  Security & correctness (internal audit)

• IPv6 enforcement gap closed — IPv6 traffic using extension headers (e.g. fragments) is now properly inspected instead of slipping through.

• Hardened the privileged daemon against malformed packets and malformed control messages.

• Binary-integrity checks no longer stall packet processing.

  Connection map

• Live data-flow animation — glowing packets stream along the arcs showing what's connecting where, in real time. Outbound flows away from you, inbound toward you, with risky traffic moving faster.

• Flows now cross the international date line smoothly (Australia↔US and similar routes flow over the map edge instead of vanishing).

⚙️ Interface & settings

• Home country is now a dropdown — pick your location by name (needed for the map's arcs/flows) instead of typing an ISO code.
• Primary menu is now a gear icon.
• Fixed the red box in the toolbar (a missing column-toggle icon).
• The new-connection highlight now uses your chosen accent colour instead of a fixed brown.

Install / upgrade

sudo apt install ./geonetmon_1.0.2_all.deb
Then reboot (so your session joins the geonetmon group and the daemon starts clean) and launch GeoNetMon from your app menu.

Panic button if anything ever misbehaves: sudo systemctl stop geonetmond — instantly restores networking without removing the package.

v1.0.1

Bug Fixes

• Fixed app not appearing in GNOME application launcher after install
• Fixed daemon crashing on startup due to read-only home directory restriction
• Fixed nftables cleanup commands failing silently on daemon stop
• Fixed running GUI processes not being killed on apt remove

UI Improvements

• Connection map now uses high-resolution Natural Earth coastline data
• Removed legend bar from bottom of connection map
• Removed High-risk filter button from connection map toolbar
• Detail panel on connection map now hidden until a dot is clicked
• Fixed square corners on alert button when notifications are pending

Allow/Deny Prompt

• Added timed rule options: For 1 minute, For 10 minutes, For 1 hour
• Unknown connections now show destination IP alongside hostname

Rules Engine

• Timed rules automatically expire and are cleaned up by the daemon

Installer

• App menu entry now works correctly on first install (no longer requires sg group wrapper)
• Duplicate app menu category removed (was appearing twice in some DEs)
• Version bumped to 1.0.1 in app About screen

GeoNetMon

Initial release.

• Live TCP/UDP connection monitor with per-connection GeoIP, reverse DNS, bandwidth, and risk scoring
• Interactive outbound firewall — allow/deny prompts per app, with configurable scope and duration (Little Snitch /
  OpenSnitch style)
• Privilege-separated daemon (geonetmond) — GUI runs unprivileged, daemon handles packet interception via nftables + NFQUEUE
• DNS-aware prompts — shows hostnames not IPs on the first packet
• Binary integrity pinning — flags if an allowed app's executable changes
• Blocklist subscriptions — 14 preset lists (StevenBlack, OISD, Hagezi, URLhaus, Phishing Army and more)
• World connection map with great-circle arcs
• Connection history (SQLite, 30 day retention)
• Statistics dashboard — top apps, hosts, countries
• GNOME desktop notifications for allow/deny prompts (visible when minimised)
• Manual IP blocking via ufw, nftables, or iptables
• Themes: System, Dracula, Catppuccin (Latte, Frappé, Macchiato, Mocha)
• System tray support

Install

sudo dpkg -i geonetmon_1.0.0_all.deb
sudo apt install -f # pulls any missing dependencies

Log out and back in after install, then launch from your application menu or run geonetmon.