Rule Group Subscriptions
Rule groups are sets of rules that anyone can create and publish on their web server for others to subscribe to. Whenever changes to the rules are made by the publisher, subscribers receive these changes.
This is useful for providing automatically updating blocklists, distributing a common set of rules to multiple computers in a corporate network, or for app developers who want to provide a set of rules to their customers to make it work seamlessly with Little Snitch.
To let you test this feature we provide an example rule group. To subscribe to this group, open Little Snitch Configuration, choose New Rule Group Subscription from the File menu, and enter the following URL:
You can find more information about subscribing and publishing in the documentation chapter Rule Group Subscriptions.
Other New Features and Improvements
- Improved display of inactive rules in Little Snitch Configuration. If a rule is inactive for whatever reason — either if it’s not enabled, if it’s part of a profile that’s currently not activated, if it’s in a rule group that’s currently not activated, or if the entire network filter is turned off — the rule is now consistently displayed with a gray text color.
- Focus Mode: Little Snitch Configuration has a new mode that allows you to focus on a specific subset of rules. Selecting one or more rules and then choosing View > Focus on Selected Rules or View > Focus on Rules Affecting Selection will focus on just the rules you want to see, while leaving the search field free for further filtering. Focus Mode is also used for revealing matching rules from the connection alert or Network Monitor (e.g. by right-clicking a connection and choosing Show Corresponding Rules).
- The rule groups “iCloud Services” and “macOS Services” can now be activated and deactivated using a checkbox next to their name in Little Snitch Configuration’s left sidebar (previously, these checkboxes could be found in the preferences window). This allows you to see what rules these sets contain before activating them.
- Profiles can now be activated and deactivated in Little Snitch Configuration’s left sidebar using a checkbox next to the profile.
- The special “Code Signature Issue Override Rules” that Little Snitch creates under certain circumstances can now be edited in Little Snitch Configuration just like normal rules. This should make it less confusing to deal with situations where an application is reported to have no valid code signature. See Code signature issues > Special Code Signature Issue Override Rules for more details.
- Connection alerts for applications that have an issue with their code signature now include direct links to the relevant section of the online documentation. The relevant chapter Code signature issues has been extended to provide much more details and examples for how Little Snitch behaves when an application without a valid code signature tries to establish a connection.
- Added support for the current version of the QUIC protocol. This fixes an issue with connections from Google Chrome, where the connection alert only showed the IP address instead of the hostname under some circumstances.
- In addition to checking that an application’s code signature is valid, Little Snitch now also checks the code signing certificate that was used to create the signature. Only certificates that were issued by Apple are currently accepted.
- Many more minor improvements.
- Fixed an issue where a connection alert could sometimes be shown despite an existing rule that allowed the connection. We observed this mainly with Google Chrome.
- Fixed an issue in “Silent Mode – Deny Connections” where incoming TCP connections would sometimes be denied despite an existing rule that allowed the connection.
- Many more minor bug fixes.