refactor(littlesnitch): create new, more strict rules

2026-02-09 05:44:23 +00:00 · 2024-02-19 22:50:34 +01:00
parent 16d2affe05
commit 087bdc340d
8 changed files with 341 additions and 6 deletions
--- a/snitch/rules/all.lsrules
+++ b/snitch/rules/all.lsrules
@@ -2,6 +2,30 @@
    "description": "Michele Cereda's collection of common Little Snitch rules.\nAssumes a deny-all default policy.",
    "name": "Michele Cereda's Rules List",
    "rules": [
+        {
+            "action": "allow",
+            "notes": "Allow Betterbird to connect to Google's mail servers.",
+            "ports": "993",
+            "process": "/Applications/Betterbird.app/Contents/MacOS/betterbird",
+            "protocol": "tcp",
+            "remote-hosts": "imap.gmail.com"
+        },
+        {
+            "action": "allow",
+            "notes": "Allow Betterbird to securely connect to websites.\nUsually used by images in email, and feeds.",
+            "ports": "443",
+            "process": "/Applications/Betterbird.app/Contents/MacOS/betterbird",
+            "protocol": "tcp",
+            "remote": "any"
+        },
+        {
+            "action": "allow",
+            "notes": "Allow Betterbird to securely connect to websites.\nUsually used by images in email, and feeds.",
+            "ports": "443",
+            "process": "/Applications/Betterbird.app/Contents/MacOS/betterbird",
+            "protocol": "udp",
+            "remote": "any"
+        },
        {
            "action": "allow",
            "notes": "Allow Bitwarden to connect to its servers.",
@@ -199,6 +223,30 @@
            "protocol": "udp",
            "remote-addresses": "239.255.255.250"
        },
+        {
+            "action": "allow",
+            "notes": "Allow Thunderbird to connect to Google's mail servers.",
+            "ports": "993",
+            "process": "/Applications/Thunderbird.app/Contents/MacOS/thunderbird",
+            "protocol": "tcp",
+            "remote-hosts": "imap.gmail.com"
+        },
+        {
+            "action": "allow",
+            "notes": "Allow Thunderbird to securely connect to websites.\nUsually used by images in email, and feeds.",
+            "ports": "443",
+            "process": "/Applications/Thunderbird.app/Contents/MacOS/thunderbird",
+            "protocol": "tcp",
+            "remote": "any"
+        },
+        {
+            "action": "allow",
+            "notes": "Allow Thunderbird to securely connect to websites.\nUsually used by images in email, and feeds.",
+            "ports": "443",
+            "process": "/Applications/Thunderbird.app/Contents/MacOS/thunderbird",
+            "protocol": "udp",
+            "remote": "any"
+        },
        {
            "action": "allow",
            "notes": "Allow Vivaldi to gather information about certificates.",