I saw the news about Little Snitch coming to Linux via eBPF and Rust. On paper, it looks fancy. In reality, the backend is closed source.
Personally, I don’t see the point in installing a proprietary black box to monitor other black boxes. I’m sticking with my AdGuard Home setup and OpenSnitch for when I actually need to trace a binary.
I wrote up my thoughts on why I think this is a solved problem for most FOSS-first home labs.
I’m speaking about the firmware and other blobs that are there because devices wouldn’t work without it.
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/WHENCE
This is optional, some distros even have a deblobbed kernel in repos. I believe arch does (linux-libre), guix. Debian used to ship without proprietary firmware by default but there’s since version 12 IIRC.
It’s perfectly doable if you have the right hardware. You don’t have to build those components when compiling it yourself.