Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Little Snitch: How to create an "except" rule?

0 views
Skip to first unread message

John E.

unread,
Jan 25, 2006, 10:21:46 PM1/25/06
to
I want an app to be able to make any network connection except for one IP
address. It's a P2P app, so there are *lots* of possible connections, and I
grow weary of clicking every time a Snitch window comes up for approval.

Alternatively, Little Snitch allows you to create your own rule.

Is it possible to create one that is, in essence, "Allow all connections
except nnn.nnn.nnn.nnn"?

Thanks.
--
John English

nospam

unread,
Jan 25, 2006, 10:49:05 PM1/25/06
to
In article <0001HW.BFFD804A...@news.readfreenews.net>,
John E. <inco...@yahoo.com> wrote:

sure - pick deny instead of allow to nnn.nnn.nnn.nnn.

DaveC

unread,
Jan 26, 2006, 3:20:50 AM1/26/06
to
Thus spake nospam:

> sure - pick deny instead of allow to nnn.nnn.nnn.nnn.

When I launch the app, LS starts asking me, one at a time, to Allow or Deny
the connections.

If I choose Deny for nnn.nnn.nnn.nnn, I have to then sit there and answer
Allow for the hundreds of other connections I'm asked to confirm.

I was hoping for a way to make one rule that says "Allow all connections
except nnn.nnn.nnn.nnn".

Is there any way to simplify the connections Allow/Deny process?
--
Please, no "Go Google this" replies. I wouldn't
ask a question here if I hadn't done that already.

DaveC
m...@privacy.net
This is an invalid return address
Please reply in the news group

nospam

unread,
Jan 26, 2006, 3:41:22 AM1/26/06
to
In article <0001HW.BFFDC662...@news.readfreenews.net>,
DaveC <m...@privacy.net> wrote:

> Thus spake nospam:
>
> > sure - pick deny instead of allow to nnn.nnn.nnn.nnn.
>
> When I launch the app, LS starts asking me, one at a time, to Allow or Deny
> the connections.
>
> If I choose Deny for nnn.nnn.nnn.nnn, I have to then sit there and answer
> Allow for the hundreds of other connections I'm asked to confirm.
>
> I was hoping for a way to make one rule that says "Allow all connections
> except nnn.nnn.nnn.nnn".
>
> Is there any way to simplify the connections Allow/Deny process?

open the little snitch preference panel, then either pick an existing
rule to modify for the app or create a completely new rule for it. then
set it to deny & the ip address or range to block. you might also need
an allow all or an allow range in addition to the single deny.

John E.

unread,
Jan 26, 2006, 1:06:16 PM1/26/06
to
Thus spake nospam:

> open the little snitch preference panel, then either pick an existing rule to

> modify for the app or create a completely new rule for it. then set it to
> deny & the ip address or range to block. you might also need an allow all or

> an allow range in addition to the single deny.

The Little Snitch web site documentation had the answer:

[begin quote]
Adding rules for peer to peer applications like Acquisition, Limewire, ...
Since p2p applications are creating many connections to different hosts on
different ports it is not practicable to create a rule for each host or port.
Instead, only deny those connections you don't like e.g. connections to port
80 or connections to some bad hosts. To avoid further Little Snitch alerts
create an additional rule which allows any connection from your p2p
application.

More specific rules override general rules, regardless of their order in the
listing.

* A rule for a particular application overrides a rule for "any"
application.
* A rule for a particular Internet address overrides a general rule.
* Only the first rule which matches is applied.
* If no rule matches, the Little Snitch alert panel appears.
[end quote]

Thanks,
--
John English

0 new messages