Name: Murus Pro for Mac
Version: 1.4.3 beta 2
Release Date: 16 Sep 2016
Mac Platform: Intel
OS version:OS X 10.9.4 or later
Processor type(s) & speed: 64-bit
Includes: serial number that work only with this ked copy
Web Site: http://www.murusfirewall.com/
Advanced Graphical User Interface for OS X PF firewall.
It's main purpose is to speed up network firewall configuration and testing, using a simple interface. Filtering and networking options can be set dragging and dropping icons, changing their order, and selecting check boxes. There is no need to learn code syntax or to type strange commands. Everything is managed by visual elements like buttons, collections, graphics, leads.
OS X is one of the most secure computer operating systems today. It features a solid UNIX base and a lot of security features. OS X from the beginning shipped with a pre-installed firewall named IPFW. Directly derived from other less- known operating systems like *BSD, IPFW has been the default OS X firewall from Mac OS X 10.0 to Mac OS X 10.6. Apple started changing it's firewall policy with Mac OS X 10.5, introducing a built in application firewall, ALF, that can be configured from System Preferences Security preference pane, while IPFW can be configured only using the shell Terminal. On the other hand, Mac OS X Server featured a very simple IPFW graphic frontend.
OS X 10.7 officially introduced a new network firewall, PF, and deprecated the old IPFW. Both PF and IPFW were installed but PF was the preferred choice according to OS X man pages, even if IPFW was the preferred choice for Mac OS X Server 10.7, according to Apple corporate web site. IPFW survived until OS X 10.9, when it's been removed from OS X 10.10. PF is a much more powerful, elegant network firewall. OS X PF implementation is derived from OpenBSD 4.3 PF, with some tweak made by apple. Most notably, traffic shaping is achieved using the old Dummynet, while ALTQ has totally been left out from OS X PF.
Currently OS X 10.9+ features two firewalls:
ALF: application level firewall, can be configured using System Preferences Security prefpane. It allows or blocks network connections at application level.
PF: network firewall, can be configured using the shell terminal or using a third party front-end, like Murus. It allows or blocks network connections at network level, letting you build and customize a complex network infrastructure.
Both firewalls are disabled by default on a freshly installed OS X system. While ALF is quite easy to enable, and does not require a real configuration, PF does require a deep knowledge of its syntax and logic, and requires the user to manually edit configuration files. Also PF firewall and PF network monitoring has to be done from the command line. The average user really needs a graphic front-end for PF in order to activate network filtering.
Both PF and ALF firewalls can be activated simultaneously, and they will work together. Their approach to network filtering is different, and they follow different logic patterns. The same is true for third party firewalls. Every application firewall can work together with a network firewall. So, for example, the user can run PF network filtering using Murus and application filtering using LittleSnitch in place of ALF.
Murus is NOT a firewall. Murus is a graphic interface for PF. Actually, Murus is much more, because it does a lot more than simple filtering. It lets the user create very complex sets of rules, with advanced options like port knocking, adaptivity, accounting, and much more. The user can monitor network activity, services activity, logs activity in real-time and can interact with connections and rules.
PF ruleset can be managed at three different levels of abstraction:
- the most intuitive collection of icons and leds
- expanded PF ruleset with each rule coming with descriptive leds and icons, and a detailed textual comment
- true-real-time PF browser with anchor-path browsing and pf-table listing
The user is able to configure and debug its PF rule-set combining these 3 levels of abstraction simultaneously. The ‘Test' button is also available, and helps debugging the rule-set without modifying runtime rules. ‘Test' is able to find errors in PF configuration, and display the rule that generated this error.
Murus logic lets the user choose between inclusive and/or exclusive approach to filtering. And this is true at every Murus level: groups, services, logs, accounting, nat. Features like groups interface binding and custom services let the user access a nearly infinite number of PF configurations.
All these features are available by simply drag-n-dropping icons. Experienced system administrators will be able to add custom PF rules, and manage mixed rule-sets with both murus-generated and custom rules.
Murus installation is safe. Murus does not modify PF system files and does not install any kernel extensions. It makes use of tools and functions already built into OS X.
・Expanded PF config.
・7 predefined presets
・Realtime PF browser
・Fully customized rulesets
・Manual custom rules
・NAT and forwarding
・PF states inspector
・Murus logs visualizer app included
What's New in Version 1.4.3 beta 2:
・Runs on macOS 10.12 Sierra GM, including PF logging
・Added confirmation dialogs
・Improved error handling for remotely managed Macs