There is a lot of buzz about the new Little Snitch port to Linux. It uses eBPF and Rust, but the backend is proprietary.
Personally, I don’t see the point in installing a proprietary black box to monitor for other black boxes. If I can’t audit a security tool, it doesn’t belong on my system. I’m sticking with my AdGuard Home setup and recommending OpenSnitch for those who need per-binary visibility.
I have written about this on my blog. Let me know if you are interested and would like the link