Duplicate Rules Bug?

General discussions about Little Snitch
Post Reply
paulc
Rank 2
Rank 2
Posts: 62
Joined: Fri May 22, 2009 7:13 pm

Duplicate Rules Bug?

Post by paulc » Sun May 24, 2009 4:44 pm

When I booted my machine this morning, I got a LS alert about Apple's software update. Struck me as curious as I had implemented a permanent rule allowing it to contact Apple yesterday. I dealt with the alert by choosing only the server address, port & protocol as Any, and "Forever."

So I go into my rule list and guess what? I have 2 100% identical rules listed for "SoftwareUpdateCheck."

As anyone seen this? Is it a known issue slated for fixing at some future point?

norbert
Objective Development
Objective Development
Posts: 648
Joined: Thu Nov 09, 2006 6:30 pm

Re: Duplicate Rules Bug?

Post by norbert » Mon May 25, 2009 12:36 pm

Which version of Little Snitch do you have installed?
Which version of Mac OS X are you running?

Please select those two identical rules in the Little Snitch Configuration appliaction (hold down the Command key to select multiple rules), press Command-C and paste the results here, or even better, send a bug report. Thanks!

paulc
Rank 2
Rank 2
Posts: 62
Joined: Fri May 22, 2009 7:13 pm

Re: Duplicate Rules Bug?

Post by paulc » Mon May 25, 2009 6:17 pm

norbert wrote:Which version of Little Snitch do you have installed?
Which version of Mac OS X are you running?

Please select those two identical rules in the Little Snitch Configuration appliaction (hold down the Command key to select multiple rules), press Command-C and paste the results here, or even better, send a bug report. Thanks!


2.1.3/10.4.11. Already deleted the duplicate, but I'll file a bug report... I posted to see if I was alone or not.

There also was a few incidents where I was pretty sure I set a permanent rule, only to be binged for it again, but without leaving behind more than one duplicate rule.

More incidents just happened... if connection to weather.com is allowed, why would it want to create another rule to connect to image.weather.com or xoap.weather.com?

action: allow
process: /Users/paulcons/Library/Widgets/The Weather Channel.wdgt/
destination: image.weather.com
port: any
protocol: any
help: wants to connect to image.weather.com on TCP port 80 (http).

action: allow
process: /Users/paulcons/Library/Widgets/The Weather Channel.wdgt/
destination: xoap.weather.com
port: any
protocol: any
help: wants to connect to xoap.weather.com on TCP port 80 (http).

action: allow
process: /Users/paulcons/Library/Widgets/The Weather Channel.wdgt/
destination: weather.com
port: any
protocol: any
help: wants to connect to image.weather.com on TCP port 80 (http).

action: allow
process: /Users/paulcons/Library/Widgets/The Weather Channel.wdgt/
destination: x.imwx.com
port: any
protocol: any
help: wants to connect to x.imwx.com on TCP port 80 (http).

norbert
Objective Development
Objective Development
Posts: 648
Joined: Thu Nov 09, 2006 6:30 pm

Re: Duplicate Rules Bug?

Post by norbert » Mon May 25, 2009 9:07 pm

paulc wrote:if connection to weather.com is allowed, why would it want to create another rule to connect to image.weather.com or xoap.weather.com?

Because these are different hosts that resolve to different IP addresses.

paulc
Rank 2
Rank 2
Posts: 62
Joined: Fri May 22, 2009 7:13 pm

Re: Duplicate Rules Bug?

Post by paulc » Tue May 26, 2009 3:49 pm

norbert wrote:
paulc wrote:if connection to weather.com is allowed, why would it want to create another rule to connect to image.weather.com or xoap.weather.com?

Because these are different hosts that resolve to different IP addresses.


Honestly, I'd expect that allowing a top level domain would also allow any subdomains. This means one could need half a dozen rules to accommodate one domain... so is there any reason why a "feature request" may not be considered?

Post Reply