Hi,

thanks for great project.
Anyway, I'd be willing to implement this, just wanted to start wider discussion.

I really like Little Snitch user-flow feature, which creates rules per application (by it's path), user id (by process identifier) and per connection (each time application requests to open connection, it will lookup in white/black-list, and without rule applicable to current situation, will throw user dialog to confirm what to do.

To illustrate the situation, i include few screenshots of LS3

It would be really handy to get confirmation dialog on each connection, where rules are made per application uid/guid

Rules (per app)

• URL + PORT
• DOMAIN + PORT
• PORT (any url/domain)
• URL (any port)
• DOMAIN (any port)
• Anything (any domain/url/port, the app is fully trusted then)

Time based

• Once
• Time interval (5,10,15,30,60 minutes)
• Until process is killed (if possible)
• Until device is restarted
• Forever

Application should then provide permanent service notification, where the user could quickly access list of allowed/denied connections (eg. over last 15 minutes) and rules editor, where you could review and debug requests made by application (some short backlog) and see what rules are denying those requests, to easily fix wrongly set rules.

Possibly could be extended by accepting URL patterns similar to AdAway/AdBlock,
white/black-listing allowed underlying network type (cellular,wireless,tethered,vpn,...) and (which is really crazy detailed option) for HTTP requests types (such as GET,PUT,POST,DELETE,UPDATE,...)

So if you please could discuss over this proposal, what would fit your idea, as I said, I'm willing to implement this in open-source, because it would be really good privacy feature, which could possibly replace various adblock solutions and if divided into profiles (home,work,traveling) and user account specific (for multi-user android devices), make really solid user-friendly firewalling solution.