LuLu
An open-source firewall for macOS.
Today we'll be reviewing LuLu by Objective-See. LuLu has similar goals to an application we reviewed last year called Little Snitch. They both aim to control outgoing connections from your Mac.
Blocking outgoing connections can be useful for a variety of reasons:
- Restrict tracking and monitoring software in applications.
- Discover bugs and vulnerabilities in applications.
- Detect malicious software running on the systems.
- Limit bandwidth usage on metered connections.
LuLu can be downloaded for free from Objective-See's website and installed like most applications that are distributed outside of the App Store's walled garden.
After installation, LuLu provides you with some basic rule sets that can be applied. My personal preference is to uncheck "Allow Already Installed Applications" as I want to know what existing applications are phoning home. If you leave that option checked you can see which applications were allowed in the Rules menu later.
On the Mac I'm using to test LuLu the typical suspects are noticed right away:
One difference from Little Snitch is how notifications are "stacked". With Little Snitch notifications are presented as a Modal. You must respond to each alert as it comes in one at a time even if the alerts come from different processes. LuLu will stack the notifications and you can approve/deny them in whichever order you'd prefer.
The alert notifications and rules are also much simpler in LuLu. Little Snitch will allow you to specify specific ports and domains for specific applications. If you're overwhelmed by Little Snitch's options that might make LuLu a better choice for you but if you prefer the granularity provided by Little Snitch you may find LuLu's rules too simplistic.
Creating, viewing, updating, and deleting rules is very straight-forward in LuLu. There is not any equivalent to Little Snitch's Network Monitor (which shows what countries you're connecting to) but it is very user-friendly and intuitive.
So, will I be switching from Little Snitch?
Not quite yet.
Little Snitch currently offers much more granular control over specific ports and domains. It also allows you to block those for a configured amount of time. Both are features that I use heavily.
However, I appreciate that LuLu is open source and if you can't afford the €45/$50 price tag of Little Snitch or, if Little Snitch is too overwhelming for you then LuLu is a great choice!
This is our second review of a macOS firewall, in the future we will take a look at comparable firewalls for Windows (Glasswire) and Linux (OpenSnitch).