{
"description" : "John's Common App Rules. https://raw.githubusercontent.com/jkamenik/little-snitch-rules/master/CommonApps.lsrules",
"name" : "John's Common App Rules",
"rules" : [
{
"notes": "1Password",
"action" : "allow",
"ports" : "443",
"process" : "\/Applications\/1Password 7.app\/Contents\/MacOS\/1Password 7",
"protocol" : "tcp",
"remote-domains" : ["appcenter.ms"]
},
{
"notes": "1Password Helper",
"action" : "allow",
"ports" : "443",
"process" : "\/Applications\/1Password 7.app\/Contents\/Library\/LoginItems\/1Password Extension Helper.app\/Contents\/MacOS\/1Password Extension Helper",
"protocol" : "tcp",
"remote-domains" : ["appcenter.ms"]
},
{
"notes": "Alfred",
"action" : "allow",
"owner" : "me",
"ports" : "443",
"process" : "\/Applications\/Alfred 4.app\/Contents\/MacOS\/Alfred",
"protocol" : "tcp",
"remote-domains" : ["alfredapp.com"]
},
{
"notes": "Alfred Preferences",
"action" : "allow",
"owner" : "me",
"ports" : "443",
"process" : "\/Applications\/Alfred 4.app\/Contents\/Preferences\/Alfred Preferences.app\/Contents\/MacOS\/Alfred Preferences",
"protocol" : "tcp",
"remote-domains" : ["alfredapp.com"]
},
{
"notes": "Amazon Chime IPs",
"action" : "allow",
"owner" : "me",
"process" : "\/Applications\/Amazon Chime.app\/Contents\/MacOS\/Amazon Chime",
"remote-addresses" : "2001:558:feed::1"
},
{
"notes": "Amazon Chime Deny Tracking",
"action" : "deny",
"owner" : "me",
"process" : "\/Applications\/Amazon Chime.app\/Contents\/MacOS\/Amazon Chime",
"remote-hosts" : "mobileanalytics.us-east-1.amazonaws.com"
},
{
"notes": "Amazon Chime",
"action" : "allow",
"owner" : "me",
"process" : "\/Applications\/Amazon Chime.app\/Contents\/MacOS\/Amazon Chime",
"remote-domains" : ["chime.aws","in.appcenter.ms","s3.amazonaws.com","us-east-1.amazonaws.com"]
},
{
"notes": "Atom (editor)",
"action" : "allow",
"owner" : "me",
"process" : "\/Applications\/Atom.app\/Contents\/MacOS\/Atom",
"remote-domains" : ["s3.amazonaws.com","appveyor.com","atom.io","bithound.io","bugsnag.com","circleci.com","codacy.com","david-dm.org","npmjs.org","opencollective.com","shields.io","travis-ci.org","quay.io"]
},
{
"notes": "Docker",
"action" : "allow",
"owner" : "me",
"ports" : "443",
"process" : "\/Applications\/Docker.app\/Contents\/MacOS\/Docker",
"protocol" : "tcp",
"remote-domains" : ["docker.com"]
},
{
"notes": "Docker VPN Kit",
"action" : "allow",
"ports" : "443",
"protocol" : "tcp",
"process" : "\/Applications\/Docker.app\/Contents\/MacOS\/com.docker.supervisor",
"via" : "\/Applications\/Docker.app\/Contents\/Resources\/bin\/com.docker.vpnkit",
"remote-domains" : ["alpinelinux.org", "docker.io", "quay.io"]
},
{
"notes": "Dropbox IPs",
"action" : "allow",
"owner" : "me",
"process" : "\/Applications\/Dropbox.app\/Contents\/MacOS\/Dropbox",
"remote-addresses" : ["162.125.1.1", "162.125.11.1", "162.125.2.1","162.125.248.1", "162.125.3.1", "162.125.4.1", "162.125.5.1", "162.125.64.1", "162.125.65.1", "162.125.66.1", "162.125.67.1", "162.125.68.1", "162.125.69.1", "162.125.7.1", "162.125.70.1", "162.125.71.1", "162.125.72.1", "162.125.8.1", "162.125.80.1", "162.125.81.1", "162.125.82.1", "162.125.83.1", "162.125.9.1"]
},
{
"notes": "Dropbox Domains",
"action" : "allow",
"owner" : "me",
"process" : "\/Applications\/Dropbox.app\/Contents\/MacOS\/Dropbox",
"remote-domains" : ["dropbox-dns.com", "dropbox.com", "dropboxapi.com", "dropboxstatic.com", "getdropbox.com"]
},
{
"notes": "Dropbox Updater",
"action" : "allow",
"owner" : "me",
"process" : "\/Users\/jkamenik\/Library\/Dropbox\/DropboxMacUpdate.app\/Contents\/MacOS\/DropboxMacUpdate",
"remote-domains" : ["dropbox.com","dropboxstatic.com"]
},
{
"notes": "Evernote",
"action" : "allow",
"owner" : "me",
"ports" : "443",
"process" : "\/Applications\/Evernote.app\/Contents\/MacOS\/Evernote",
"protocol" : "tcp",
"remote-domains" : ["appcenter.ms","evernote.com"]
},
{
"notes": "Excel",
"action" : "allow",
"owner" : "me",
"ports" : "443",
"process" : "\/Applications\/Microsoft Excel.app\/Contents\/MacOS\/Microsoft Excel",
"protocol" : "tcp",
"remote-domains" : ["svc.ms"]
},
{
"notes": "GoToMeeting IPs",
"action" : "allow",
"owner" : "me",
"process" : "\/Applications\/GoToMeeting.app\/Contents\/MacOS\/GoToMeeting",
"remote-addresses" : ["13.237.209.96", "13.251.227.8", "173.199.0.254", "173.199.11.254", "173.199.14.254", "173.199.15.254", "18.196.38.44", "202.173.28.250", "54.208.199.64", "67.217.69.254", "67.217.86.10", "67.217.86.93", "68.64.18.103", "68.64.18.104", "68.64.23.244", "68.64.25.254", "68.64.26.254", "78.108.118.250"]
},
{
"notes": "GotoMeeting Domains",
"action" : "allow",
"owner" : "me",
"process" : "\/Applications\/GoToMeeting.app\/Contents\/MacOS\/GoToMeeting",
"remote-domains" : ["expertcity.com","getgo.com","gotomeeting.com","launchdarkly.com"]
},
{
"notes": "GotoMeeting Updater Domains",
"action" : "allow",
"owner" : "me",
"process" : "\/Users\/jkamenik\/Library\/Application Support\/LogMeInInc\/GoToMeeting\/G2MUpdate",
"remote-domains" : ["getgo.com","getgocdn.com"]
},
{
"notes": "ID Service",
"action" : "allow",
"owner" : "me",
"process" : "\/System\/Library\/PrivateFrameworks\/IDS.framework\/identityservicesd.app\/Contents\/MacOS\/identityservicesd",
"protocol" : "udp",
"remote-addresses" : ["10.254.254.254"]
},
{
"notes": "iStat Menu",
"action" : "allow",
"owner" : "me",
"ports" : "443",
"process" : "\/Library\/Application Support\/iStat Menus 6\/iStat Menus Status.app\/Contents\/MacOS\/iStat Menus Status",
"protocol" : "tcp",
"remote-domains" : ["istatmenus.app"]
},
{
"notes": "Little Snitch Downloader",
"action": "allow",
"ports" : "443",
"process" : "\/Library\/Little Snitch\/Little Snitch Daemon.bundle\/Contents\/XPCServices\/Little Snitch URL Downloader.xpc\/Contents\/MacOS\/Little Snitch URL Downloader",
"protocol" : "tcp",
"remote-domains" : ["githubusercontent.com","yoyo.org"]
},
{
"notes": "Little Snitch Helper",
"action" : "allow",
"owner" : "me",
"ports": "443",
"process" : "\/Library\/Little Snitch\/Little Snitch Helper.app\/Contents\/MacOS\/Little Snitch Helper",
"remote-domains" : ["obdev.at"]
},
{
"notes": "Little Snitch Updater",
"action": "allow",
"ports" : "443",
"protocol" : "tcp",
"process" : "\/Library\/Little Snitch\/Little Snitch Software Update.app\/Contents\/MacOS\/Little Snitch Software Update",
"remote-domains" : ["obdev.at"]
},
{
"notes": "Mail HTTP",
"action" : "allow",
"owner" : "me",
"ports" : "80",
"process" : "\/System\/Applications\/Mail.app\/Contents\/MacOS\/Mail",
"protocol" : "tcp",
"remote-domains" : ["harborfreight.com","nintendo.net"]
},
{
"notes": "Mail HTTPs",
"action" : "allow",
"owner" : "me",
"ports" : "443",
"process" : "\/System\/Applications\/Mail.app\/Contents\/MacOS\/Mail",
"protocol" : "tcp",
"remote-domains" : ["weightwatchers.com","ww.com"]
},
{
"notes": "Micro Snitch",
"action" : "allow",
"owner" : "me",
"ports": "443",
"process" : "\/Applications\/Micro Snitch.app\/Contents\/MacOS\/Micro Snitch",
"protocol": "tcp",
"remote-domains" : ["obdev.at"]
},
{
"notes": "Pandora",
"action" : "allow",
"ports" : "443",
"process" : "\/Applications\/Pandora.app\/Contents\/MacOS\/Pandora",
"protocol" : "tcp",
"remote-domains" : ["pandora.com","p-cdn.us","pinimg.com"]
},
{
"notes": "Pandora Deny",
"action" : "deny",
"ports" : "443",
"process" : "\/Applications\/Pandora.app\/Contents\/MacOS\/Pandora",
"protocol" : "tcp",
"remote-domains" : ["pinterest.com"]
},
{
"notes": "Podcast (http)",
"action" : "allow",
"ports" : "80",
"process" : "\/usr\/libexec\/nsurlsessiond",
"protocol" : "tcp",
"remote-domains" : ["99percentinvisible.org","acast.com","akamaized.net","bbc.co.uk","everythingisalive.com","feedburner.com","libsyn.com","soundcloud.com","thisamericanlife.org","trumpconlaw.com","wnyc.org"]
},
{
"notes": "Podcast (https)",
"action" : "allow",
"ports" : "443",
"process" : "\/usr\/libexec\/nsurlsessiond",
"protocol" : "tcp",
"remote-domains" : ["99percentinvisible.org","arresteddevops.com","b5dev.com","bbci.co.uk","blubrry.com","chtbl.com","libsyn.com","npr.com","npr.org","omny.com","omny.fm","omnycontent.com","podtrac.com","prxu.org","sciencefriday.com","sndcdn.com","thisamericanlife.org","wnyc.org"]
},
{
"notes": "Slack",
"action" : "allow",
"owner" : "me",
"ports": "443",
"process" : "\/Applications\/Slack.app\/Contents\/MacOS\/Slack",
"remote-domains" : ["atl-paas.net","atlassian.net","chime.aws","gravatar.com","s3-us-west-2.amazonaws.com","slack-core.com","slack-edge.com","slack-imgs.com","slack.com","slackb.com","twimg.com","wp.com"]
},
{
"notes": "Slack Screenshare",
"action" : "allow",
"owner" : "me",
"ports": "22466",
"process" : "\/Applications\/Slack.app\/Contents\/MacOS\/Slack",
"remote-domains" : ["chime.aws","slack-core.com"]
},
{
"notes": "Spotlight",
"action" : "allow",
"owner" : "me",
"ports": "443",
"process" : "\/System\/Library\/CoreServices\/Spotlight.app\/Contents\/MacOS\/Spotlight",
"remote-domains" : ["yahoo.com"]
},
{
"notes": "Things",
"action" : "allow",
"owner" : "me",
"ports": "443",
"process" : "\/Applications\/Things3.app\/Contents\/MacOS\/Things3",
"remote-domains" : ["appcenter.ms","culturedcode.com"]
},
{
"notes": "Ubersicht Curl",
"action" : "allow",
"owner" : "me",
"ports" : "443",
"process" : "\/Applications\/Übersicht.app\/Contents\/MacOS\/Übersicht",
"protocol" : "tcp",
"remote-domains" : ["xkcd.com"],
"via" : "\/usr\/bin\/curl"
},
{
"notes": "Ubersicht",
"action" : "allow",
"owner" : "me",
"ports" : "443",
"process" : "\/Applications\/Übersicht.app\/Contents\/MacOS\/Übersicht",
"protocol" : "tcp",
"remote-domains" : "xkcd.com"
},
{
"notes": "VBoxHeadless HTTP",
"action" : "allow",
"owner" : "me",
"ports" : "80",
"process" : "\/Applications\/VirtualBox.app\/Contents\/MacOS\/VBoxHeadless",
"protocol" : "tcp",
"remote-domains" : ["ubuntu.com"]
},
{
"notes": "VBoxHeadless HTTPS",
"action" : "allow",
"owner" : "me",
"ports" : "443",
"process" : "\/Applications\/VirtualBox.app\/Contents\/MacOS\/VBoxHeadless",
"protocol" : "tcp",
"remote-domains" : ["ubuntu.com"]
},
{
"notes": "Zoom",
"action" : "allow",
"owner" : "me",
"process" : "\/Applications\/zoom.us.app\/Contents\/MacOS\/zoom.us",
"remote-domains" : ["cloudfront.net","zoom.com","zoom.us"]
},
{
"notes": "Zoom IPs",
"action" : "allow",
"owner" : "me",
"process" : "\/Applications\/zoom.us.app\/Contents\/MacOS\/zoom.us",
"remote-addresses" : ["162.255.37.124","162.255.38.124"]
}
]
}