Which free alternatives to Little Snitch can I use to block internet traffic per application?

Little Snitch can block internet traffic of a particular app. Can I do something similar without (paying for) Little Snitch, either by using free alternatives or configuring the OS X firewall directly?


Solution 1:

TCPBlock

TCPBlock is a lightweight and fast application firewall … you can prevent selected applications on your computer from opening connections to the network.

TCPBlock is free and can be downloaded from MacUpdate; however, TCPBlock doesn't appear to work with El Capitan and is no longer being updated.

PF Firewall

OS X comes with the PF firewall, which can be configured to block all connections to certain servers in all apps. Blocking all connections from a single app is not possible as far as I am aware without external software.

You can use IceFloor as a GUI for the PF firewall.

IceFloor Black List

Solution 2:

LuLu is a great free, shared-source macOS firewall that can block unknown outgoing connections unless explicitly approved by the user. It runs on OSX 10.12+ and runs well on macOS Mojave. It can be configured to allow or block Apple-signed binaries and has a clear GUI-based rule set that can be edited. Whilst it is free, users are encouraged to support its development, which seems fair.

Solution 3:

Use Radio Silence. Very simple application, but does the job nicely; however, it costs $9.

Solution 4:

If you know which server an application is trying to contact, and want to stop it from doing so, you can reroute all communication to a bogus IP address (like 0.0.0.0) or just reroute traffic to itself (the local host). You need administrator privileges (sudo) for this to work.

/etc/hosts

# is a reserved character for starting ignored text. All other lines are parsed in space-separated columns. To stop all connections to facebook (blasphemy!):

# Col 1                 Col 2
# "routed to" address   hostname (dns)
  0.0.0.0               www.facebook.com

Usually the effects are immediate (like right now, I just tried to make sure and it was immediate), but you could unload and reload the multicast dynamic naming service manually.

sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist

launchctl does not support restart like systemctl restart avahi-daemon :( That is why you must run two commands.

Example of default /etc/hosts file

The name "localhost" works because it is routed here to the IP local host standard address of 127.0.0.1. The cool thing is, you could change it. But that'd be deviant of you!

##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1   localhost
255.255.255.255 broadcasthost
::1             localhost
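
An added example, not part of the answer above: a POSIX shell helper for the hosts-file approach that adds the 0.0.0.0 entry only once and checks which names are actually covered. Hosts entries match exact names only, so blocking www.facebook.com leaves facebook.com and other subdomains resolvable. The function names and the temp-file demo are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original answer). Works on any hosts-format file,
# so try it on a copy before pointing it at /etc/hosts with sudo.

# hosts_target FILE NAME: print the address NAME maps to; status 1 if no entry.
hosts_target() {
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        { sub(/#.*/, "") }                      # strip comments
        NF >= 2 {                               # column 1 address, rest names
            for (i = 2; i <= NF; i++)
                if (tolower($i) == want) { print $1; found = 1; exit }
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# is_sinkholed FILE NAME: true only if this exact name maps to a dead address.
is_sinkholed() {
    case "$(hosts_target "$1" "$2")" in
        0.0.0.0|127.0.0.1|::1) return 0 ;;
        *) return 1 ;;
    esac
}

# block_host FILE NAME: add "0.0.0.0 NAME" once; status 2 if NAME is already
# mapped to a real address (edit that line by hand rather than shadowing it).
block_host() {
    is_sinkholed "$1" "$2" && return 0
    hosts_target "$1" "$2" >/dev/null && return 2
    [ -z "$(tail -c 1 "$1")" ] || echo >> "$1"  # repair missing final newline
    printf '0.0.0.0\t%s\n' "$2" >> "$1"
}

# Demo on a constructed copy of the default file shown above.
demo=$(mktemp)
printf '127.0.0.1\tlocalhost\n255.255.255.255\tbroadcasthost\n::1\tlocalhost' > "$demo"
block_host "$demo" www.facebook.com
for name in www.facebook.com facebook.com m.facebook.com; do
    if is_sinkholed "$demo" "$name"; then echo "blocked:     $name"
    else echo "NOT blocked: $name"; fi
done
rm -f "$demo"
```

Each hostname an application contacts needs its own line; there is no wildcard syntax in the hosts file.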

Solution 5:

TCPBlock still works in OS X Yosemite (although it doesn't seem to work on El Capitan). Install it, restart the machine, open System Preferences and select TCPBlock. Unlock the pane then select the plus icon then Select Applications and choose Adobe Photoshop.


(sorry about download.com link)