Firewall for outgoing connections

Is there a firewall for OSX Lion, that allows controlling of outgoing connections? The built in firewall handles only incoming connections, apparently.


Solution 1:

Please see the 2020 and 2021 edits below.

The original answer, unchanged:

What you are referring to as "the built-in" firewall is actually the built-in Application Firewall.

There two other built-in firewalls in OS X Lion, pf and ipfw (the latter is being replaced by pf, but still exist in Mountain Lion). These can handle both incoming and outgoing connections and are typically controlled through command line scripts and settings. However, there are third party GUIs for these firewalls, e.g. IceFloor (for pf); WaterRoof and NoobProof (for ipfw). All these GUIs are free.

There is also third party software that can work as firewall, but doesn't use the built-in OS X firewalls. Examples are Litte Snitch and Hands Off (both paid). These can handle both incoming and outgoing connections.

You should be aware that there is some learning curve for these pieces of software, as their settings are not as simplified as the built-in Application Firewall. Little Snitch or Hands Off could be easier to use compared to pf or ipfw or their GUIs.

2020, first edit: ipfw is not being used in the current versions of MacOS. New (since the original answer from 2013) frontend of pf is Murus firewall (has free version with basic functionality, but the more advanced versions are paid). New application firewall is Vallum (paid). Some kind of light hybrid combination of Murus and Vallum is Scudo. Hands Off! is available at a new site. Free application firewall for outgoing connections is LuLu. And of course, Litte Snitch is still available.

2020, second edit: As of macOS Big Sur, Apple apps can bypass the third party firewalls. There are some workarounds available, but these include disabling SIP (not recommended) or enabling kernel extensions that may be disabled during macOS updates.

2021 It seems that the firewall bypass in Big Sur will be removed in version 11.2 and third-party firewalls will be able to monitor and filter all of Apple's software.