Would be nice if i could see which rule(s) were just applied

General discussions about Little Snitch
Post Reply
630
Posts: 4
Joined: Wed Nov 18, 2009 3:20 pm

Would be nice if i could see which rule(s) were just applied

Post by 630 » Wed Nov 18, 2009 3:27 pm

Would also be nice if the subject line of a post could be longer, and if I didn't need a unique user name to use these forums, but I digress.....

I often have the case where a website or an application is not working as expected and I suspect it is a little snitch rule that is causing the problem. But how do I know which rule is at issue? If I knew which rules were applied then I would know which were suspect. As it is now I often have to go through the rather lengthy problem of digging ips for hostnames and then searching for the ips in LS to find the rule that was applied.

My life would be simplified if LS had the rather obvious feature of indicating when a filter was last applied. Surely it must have access to this information.

quidam
Posts: 2
Joined: Sun Nov 29, 2009 3:37 am

Re: Would be nice if i could see which rule(s) were just applied

Post by quidam » Sun Nov 29, 2009 3:58 am

... you mean like a log entry somewhere?

I completely agree: there should be a toggle to enable/disable logging of what is blocked and which rule did it -- would TOTALLY make debugging easier.

If they really wanted to make things fancy and keep all of the logging internal to the app, give me a 'log viewer' that would allow me the ability to select a blocked entry and permit it -- globally if I choose.

Really (and I hate making comparisons to Windows apps, but if the shoe fits), the Windows world had this with a bunch of software firewalls. I used ZoneAlarm for years and even though it was overkill (and does twice the work of LS since it was inbound and outbound traffic) on the logs, it worked great for that: I could selected something that was permitted or denied and easily turn it into a rule.

630
Posts: 4
Joined: Wed Nov 18, 2009 3:20 pm

Re: Would be nice if i could see which rule(s) were just applied

Post by 630 » Sun Nov 29, 2009 10:59 am

quidam wrote:... you mean like a log entry somewhere?


Yes something like that. But now that logging has been such a long standing unmet request, I think it is time to raise the bar. I don't want logging anymore. Logging would have taken very little effort to implement, and been halfway okay. But since I'm tired of waiting for it, I don't want it anymore. It just isn't enough for me. Since we have to wait, and have waited so (too) long, I want something better than that to make up for the time spent waiting and the time I've spent hunting down misbehaving rules.

My goal is to find out if a rule has recently been applied and correct the rule as needed. I now want to see a graphical representation of this in the LS Configuration tool. Either color coding that fades over time, or a miniature timeline for each rule, or a overview timeline showing little spikes when any rule is applied, and then I can click on the spike to see which rule it was and other detailed info. I should be able to navigate to or edit the rule from this timeline. This information should be continuously updated.

In addition, the monitor tool should enable viewing connections that were disallowed as well as those that were allowed. It should show incoming, outgoing and blocked traffic instead of just incoming and outgoing.

I also want a way to reset the cached ip numbers. We type in hostnames, but LS looks up ip's and caches them. It doesn't ever seem to time out these cached ip's. I want to set the age of the cache or have a way to clear the cache manually or schedule clearing of the cache to suit my needs. I should also be able to override this default at the rule level.

This would be enough for now.

Walter
Rank 3
Rank 3
Posts: 103
Joined: Fri Nov 24, 2006 6:09 pm

Re: Would be nice if i could see which rule(s) were just applied

Post by Walter » Sun Nov 29, 2009 6:15 pm

It would be nice if LS could provide a daily log with dates and time of sites visited and which were allowed entry and those not allowed. Then I could review the log and make corrections or approve the action by LS.

I just had an experience where I started to play a game and a male voice said that LS allowed entry. Although I paid for the game I don't want the programmer knowing when I was playing the game. I would decide when I wanted to make the results of my playing.

With a log i could check by time to see who LS allowed me to connect to.

avenirphoto
Rank 1
Rank 1
Posts: 20
Joined: Sat Nov 07, 2009 8:28 pm

Re: Would be nice if i could see which rule(s) were just applied

Post by avenirphoto » Thu Dec 03, 2009 8:27 pm

I have no proof, only 63 years of dealing with a variety of things and Little Snitch is an invitation to a quandary. It is too confusing. This program should have been designed to simply give you an added option of simply "ACCESS OR DENY" with any action you take or the intruder makes. I see the frustration throughout the situations others on this thread have shown and it disgust me. I tried blocking everything possible BEFORE Apple, Microsoft and another company invaded my computer with updates I did not request. Your computer should be "YOUR PRIVATE DOMAIN", not to be invaded. Little Snitch was suppose to prevent the updates and it failed. This demonstrates the accessibility any computer company has to any computer. The LOCKED areas within Little Snitch should be turned into Access or Deny, whether you want to get to where you want to go or keep someone from getting to you! Anyone invading your personal computer is invading your home, your life and your family. Therefore the invaders should be liable for invasion of privacy without the need of Little Snitch. Who made Apple and other computer companies the "All Mighty" and the right to invade any persons privacy? Voice your opinion directly to Little Snitch to simplify this program!


Post Reply