Vallum application firewall
Post Reply
Posts: 485
Joined: Wed Dec 10, 2014 5:20 pm


Post by hany » Sun May 12, 2019 9:07 pm

Vallum 3.2 is now available as a free update for all Vallum users.

How to update:
To update simply run Vallum 3.2 installer. Your old configuration will be preserved, however please note that your already managed apps will be treated as app bundle, like in Vallum 3.1. You can verify it selecting the apps “Info” tab, and check that “Process Path” and “Bundle Path” are the same. While an old configuration still works perfectly, we suggest you to start from a new configuration or, at least, remove all managed app bundles and re-add them from the Finder.

What's new:

App management paradigm has changed.
Previous versions of Vallum managed apps as bundles when possible, all rules where generated based on app’s bundle path. The only exception was the possibility to match a notification by binary path. Vallum 3.2 uses main process absolute path instead of bundle path. Should an app bundle contain more than one binary executable, you are able to assign different rules to those files.
Additionally, previous Vallum releases where able to identify processes only by their path.
Vallum 3.2 introduces a new way to identify processes: signature fingerprint.
Signed apps are identified by the “AFW stamp”, a string representing some parameters read from app’s signature. Each signed app generates a different and unique AFW stamp, which is supposes to remain unchanged across app updates. This fingerprint is used (optionally) in place of absolute path to create firewall rules. This ensures that when you assign a rule to a signed process, rule is valid only for that process. Should the original file be replaced by a fake one using the same name/path, Vallum will not match it, it will be considered as a different process. Please note that AFW stamp is not a hash. While the hash refers to the binary file itself, AFW stamp is generated reading the app signature.
Each app/process can be matched by path or by signature stamp. Additionally, apps set as “custom” can contain custom rules by path, by stamp or a mix of the two. You are totally free to choose how to match a process, and you can always change it on the fly.
Notification window also offers a new cleaner interface with a new large popup button where the user can choose how to match the process: absolute path, name or signature.
Vallum now displays a more detailed app info panel. Now it displays all information included in the signature. Additionally, Vallum performs some checks:
- Unsigned apps: Vallum warns you when a app/process is not signed
- Signature validity: Vallum warns you when an app/process has an invalid signature
- Certificates validity: Vallum validates all certificates used to sign an app.

Vallum Apps Monitor
Vallum 3.2 introduces an important new feature: network monitor. This window displays currently connected apps, and for each app the list of currently connected IP and ports. From Vallum Monitor it is possible to directly block all connections from an app, or only a single connection to a specific IP or port. Additionally, Vallum Monitor displays the amount of traffic generated by each app or process.
Even if Vallum Monitor looks like a simple Vallum window, it is an independent app using a dedicated privileged helper. It does not display any icon in the dock or in menu bar. Vallum Monitor automatically quits (and closes its privileged helper tool) when the window is closed. This ensures that all resources and memory used by Vallum Monitor are freed when you don’t need it any more. Vallum Monitor app bundle is inside app bundle, however it can be used even if Vallum is closed, as it does depend on Vallum in any way.
When opening Vallum Monitor for the first time you may be requested to enter the administrator password. This is because Vallum Monitor needs to install its privileged helper tool vallummonitord. You just need to do it once. Once done, Vallum Monitor will automatically start after a few seconds.

Bandwidth throttling
Vallum 3.2 allows you to throttle apps bandwidth. Each app can be throttled independently. You can limit upload and/or download bandwidth in a transparent and easy way from Vallum app editor: double click an app icon to display app editor window, select “Bandwidth” tab then check “Limit upload bandwidth” and/or “Limit download bandwidth”, set the speed and that’s it. All changes are immediately active at runtime.

Post Reply