Softpedia >Mac >Network/Admin >Murus >  Changelog

Murus Changelog

What's new in Murus 1.4.22

May 23, 2019
  • Bugs fixed

New in Murus 1.4.20 (May 20, 2019)

  • Murus has been notarized using Apple Notary Service
  • Improved dark mode

New in Murus 1.4.19 (Oct 3, 2018)

  • Runs on macOS 10.14 Mojave
  • Minor bugs fixed

New in Murus 1.4.18 (Jul 2, 2018)

  • Runs on macOS 10.14 beta
  • Minor bugs fixed

New in Murus 1.4.17 (May 22, 2018)

  • Minor bugs fixed.

New in Murus 1.4.16 (Feb 6, 2018)

  • Unmanaged ports monitor improvements
  • Minor bugs fixed

New in Murus 1.4.15 (Jan 24, 2018)

  • Changes:
  • Improved stability and minor bug fixes.
  • How to update:
  • Overwrite old Murus app with Murus 1.4.15. Run Murus 1.4.15 to update your boot scripts (if any) then restart your Mac.

New in Murus 1.4.14 (Jan 22, 2018)

  • Improved stability and minor bug fixes.

New in Murus 1.4.13 (Jan 12, 2018)

  • Minor bug fixes.

New in Murus 1.4.12 (Dec 18, 2017)

  • Changes:
  • fixed bug in IPv6 CIDR address validation
  • improved Emerging Threats autoupdate script
  • patched against potentially dangerous local root exploit

New in Murus 1.4.10 (Jun 23, 2017)

  • Bug fixes.

New in Murus 1.4.9 (Apr 10, 2017)

  • Improved logging system on macOS 10.12: now Murus uses a pf log daemon instead of tcpdump
  • Bug fixes

New in Murus 1.4.8 (Jan 17, 2017)

  • Bug fixes.

New in Murus 1.4.7 (Dec 5, 2016)

  • Bug fixes.

New in Murus 1.4.6 (Nov 28, 2016)

  • Changes:
  • Localization Bugs Fixed.

New in Murus 1.4.4 (Oct 25, 2016)

  • Changes:
  • GUI bugs fixed.

New in Murus 1.4.3 Beta (Sep 1, 2016)

  • Fixes some issue in macOS Sierra public beta and adds PF logging.

New in Murus 1.4.2 (Jun 23, 2016)

  • Runs on macOS 10.12 Sierra Beta with some limitations (no logging).
  • GUI bugs fixed.
  • Updated bash scripts.
  • Search Murus Groups.
  • Search PF Tables.
  • Bug fixes.

New in Murus 1.4.1 (Apr 28, 2016)

  • Changes:
  • Murus Search.
  • Overwrite existing custom presets.
  • Clamp MSS: improved support for NAT over PPPoE DSL.
  • Improved interactivity with Vallum application firewall.
  • Improved French localization.
  • Bug fixes.
  • How to update:
  • To update from Murus 1.3.x or 1.4.x quit Murus and copy Murus 1.4.1 icon over the old Murus icon. Launch Murus 1.4.1 and click ‘PLAY’ in the toolbar to update your current runtime ruleset. Press command-S or quit Murus 1.4.1 to save your configuration and start using Murus 1.4.1 .

New in Murus 1.4 (Apr 6, 2016)

  • Changes:
  • Remote safety switch.
  • Overrides check on managed services.
  • User notes.
  • PF mass deployment.
  • Interaction with Vallum application firewall.
  • Bug fixes.
  • How to update:
  • To update from Murus 1.3.x quit Murus and copy Murus 1.4 icon over the old Murus 1.3.x icon. Launch Murus 1.4 and click ‘PLAY’ in the toolbar to update your current runtime ruleset. Press command-S or quit Murus 1.4 to save your configuration and start using Murus 1.4 .

New in Murus 1.4 Beta (Mar 15, 2016)

  • New "white" GUI. This is experimental and may change before final Murus 1.4 is released.
  • PF Deployment. Use Murus Injector and Murus Vials to deploy a full pf configuration in just one mouse click without the need to install Murus. Get Murus Injector 1.0 beta here: http://murusfirewall.com/downloadmurusinjectorbeta.php
  • Remote management safety. Murus now has a specific feature to avoid being locked out when using Murus on a remotely managed Mac.
  • User Notes. All Murus objects can now be commented using user notes.
  • Location Awareness. You can assign a Murus custom preset to each OS X location. Murus will automatically load the custom preset and update runtime PF rules when you switch location from Apple menu or OS X System Preferences.
  • Services overrides. Murus is now able to tell you if a newly added (or moved) service overrides or is overridden by existing managed services. The check is made only on services ports definition.
  • Interaction with Vallum 1.0 private beta 5, the new application firewall for OS X.

New in Murus 1.3.6 (Jan 13, 2016)

  • Added feature to move blocked IPs from proactivity window to black list.
  • Improved IP address info popover.
  • Interactivity with Vallum beta.
  • Bug fixes.

New in Murus 1.3.5 (Nov 19, 2015)

  • Fixed bug in GEOIP data parser.

New in Murus 1.3.4 (Nov 11, 2015)

  • Fixed a bug when importing an address list containing network addresses in CIDR notation.
  • Fixed Murus update bug.
  • Fixed contextual help bug.
  • Fixed other minor bugs and localization errors.

New in Murus 1.3.3 (Oct 31, 2015)

  • Changed logging policy for Murus default configuration. Global logging is now disabled by default on default configuration, wizard configurations and intermediate/expert strategies configurations. Predefined presets has not been changed. The reason for this change is to reduce logs verbosity. Managed services with the “log” options set will off course generate logs, the change affects only the global blocking rules. You still can re-enable global logging in Murus Preferences -> General -> check “Log All Blocked Connections”. Please note that this change does not affect your current configuration at all.
  • Improved country-groups updates. Newly assigned country-groups contents is now automatically updated when updating nations database. The update procedure updates only Murus definitions. To update also runtime rules (and tables) you just need to click PLAY in Murus toolbar.
  • Added option to globally manage specific services parameters. For example you can tell Murus to enable blocked connections’ logging on all inbound managed services in one click, or for example disable notifications, or change access permissions. These options are available clicking the SMALL GEAR popup button on right top of managed services view, for both inbound and outbound.
  • Added warning message when starting PF for the first time. Annoying, but we need it, in order to avoid people being locked out from remotely managed Macs. The message can be disabled. This preference is bound to every configuration, so importing an old configuration or activating the default Murus configuration, a preset or a strategy will re-enable this warning message.
  • Some minor GUI changes:
  • Services Library objects feature a greyscale icon, in order to distinguish them from managed services icons
  • Services Library can be resized to double its size
  • Small magnifier buttons in Services Library and Groups Library has been moved to the right side
  • Managed services, interfaces and pipes big icons shapes have been changed in order to respect the correct ratio (1,618)
  • Welcome picture has been resized
  • Some minor improvements for retina monitors
  • How to update:
  • To update from Murus 1.3.x quit Murus and copy Murus 1.3.3 icon over the old Murus 1.3.x icon. Launch Murus 1.3.3 and click ‘PLAY’ in the toolbar to update your current runtime ruleset. Press command-S or quit Murus 1.3.3 to save your configuration and start using Murus 1.3.3.
  • If your current Murus configuration contains country-groups you can still continue using it, but if you update Murus nations database then these groups' contents will NOT be updated. To update them you need to manually remove these groups from Groups Library (this will remove them from managed services too) and then re-assign them to both your Groups Library and managed services (this will update them to the new format). From now on, these country-groups will be automatically updated every time you do a Murus nations database update. Custom rules that make use of PF tables derived from country-groups are preserved and do not need any change or update.

New in Murus 1.3.2 (Oct 2, 2015)

  • Fixed NAT issue on OS X 10.11 El Capitan

New in Murus 1.3.1 (Oct 2, 2015)

  • Changes:
  • Click the small “earth” button on top of Murus Groups Library to create a nation-group. Create Murus groups for every nation using Regional Internet Registries databases. Nation-groups can be used like normal groups and assigned to services or blacklist, or used in custom rules. Each group is translated into a runtime . Nation-groups cannot be edited, they are created reading RIR servers databases directly. The update feature let you synch current Murus definitions with RIR servers. Murus aggregates subnets obtained by RIR servers in order to drastically reduce subnets lists size (and thus Murus groups size) and improve firewall performance.
  • Murus default Groups Library now shows two new hardcoded groups:
  • - a group for 169.254.0.0/16 network (self-assigned addresses)
  • - a special group named “blocked-hosts” which is used to interact with external apps or to quickly block an address. This group is blacklisted and all connections from/to its hosts are blocked. It can be edited (you can manually add/remove addresses) but it can’t be renamed, deleted from Groups Library or removed from Black List.
  • Murus can now interact with Murus Logs Visualizer. You can select one or more IP addresses in Murus Logs Visualizer and click a button to put them in Murus blacklist. This feature requires Murus to be running, and Murus will ask for confirmation. Once confirmed in Murus, this task does not require you to click PLAY in the toolbar as PF tables are automatically updated in runtime. You can also select one or more IP addresses in Murus Logs Visualizer and add them to an existing or a new Murus group. This action requires a confirmation in Murus.
  • NMurus can now interact with Murus Services. Select a service in Murus Services and click “Configure Firewall” to correctly manage the service inside Murus. This feature requires Murus to be running, and Murus will ask for confirmation.
  • Murus can now interact with external applications to block IP addresses both in Murus configuration and in runtime PF tables using the free open-source Murus Agent shell command. This command can be included in scripts or can be used to craft third party native apps. To interact with Murus configuration Murus must be running, and Murus will ask for confirmation. To interact with runtime PF tables the command must be executed with root privileges.
  • Improved unmanaged port system now displays only well-known ports and hides unknown service’s ports. This option can be disabled in Murus Preferences, or you can just click “MORE PORTS…” button in Unmanaged Ports popover view. This will show all open ports from 1 to 49151. Ports from 49152 to 65535 are always ignored as they were in previous Murus versions.
  • Improved Wizard. Wizard can now be aborted at any time. Aborting the wizard will restore Murus default configuration. Wizard Inbound global filtering rules panel now displays by default only ports with a corresponding service in Murus Services Library. This option can be toggled using a check box button.
  • Fixed bugs in Murus groups management. Now you can create groups importing large text files using common separators. Groups can now be exported to file. Groups can also be checked for duplicated entries.
  • Black List can now be accessed from Groups Library buttons. Blacklisted groups now feature a new icon to identify them.
  • Black List contains the hardcoded group “blocked-hosts”. This group cannot be removed from Black List.
  • Blacklisted connections are not logged anymore. This option can be changed in Murus General Preferences.
  • Added a bunch of new predefined Murus services. Most importantly now DHCP has its own service. However dhcp ports are still included in the BASIC SERVICES definition.
  • Changed some odd-looking service icons with some more nice icons
  • Added Murus Activity Log. Now Murus logs all its activities to /var/log/murus.log. This log can be opened quickly from Murus toolbar TOOLS pop-up button.
  • Added Murus sanity check. If you force quit Murus, or if your Mac crashes, or if Murus crashes, and then you run Murus it will display an alert window. You can try clicking “Run Murus” to start Murus normally with your current settings. If it fails, then run Murus again and select “Fix Murus”. This will restore Murus configuration to factory default, and your configuration will be lost. However your custom presets will be preserved.
  • Interface forwarding is enabled by default in runtime and Murus boot scripts. Now it can be disabled using “Firewall” menu in OSX menu bar. Disabling it will also update boot scripts. Disabling interface forwarding will break NAT but may be necessary in some case.
  • Improved GUI: changed fonts in some panels, improved objects size, shape and alignment. GUI is now optimized for OS X 10.11. Improved support for retina monitors.
  • Improved overall Murus security. Now Murus does not write anymore to /tmp every time you click PLAY.
  • Murus 1.3.1 has been updated to Swift 2.

New in Murus 1.3 (Jul 23, 2015)

  • Changes:
  • Dummynet bandwidth management.
  • Network interfaces management.
  • Custom presets.
  • New runtime PF rules browser.
  • PF is now enabled using tokens.
  • Web-based contextual help.
  • Improved documentation.
  • New video tutorials.
  • Improved GUI.
  • Bug fixes.
  • Supports OS X 10.9 or later.

New in Murus 1.3 Beta 4 (Jun 19, 2015)

  • fixed some GUI bugs
  • added dummynet preference to exclude a group from traffic shaping
  • expires July, 30

New in Murus 1.3 Beta 3 (Jun 13, 2015)

  • Dummynet bandwidth throttling
  • Custom presets management
  • New runtime pf rules browser

New in Murus 1.3 Beta 2 (Jun 11, 2015)

  • runs on OS X 10.11 El Capitan.
  • new PF runtime rules browser. It is now possible to choose between the classic view and the new outline view which displays the whole PF ruleset in one single view. Is also possible to display runtime Dummynet Pipes and Queue. Use the 3-items toolbar segmented control to change view.

New in Murus 1.3 Beta 1 (Jun 5, 2015)

  • INTRODUCES TWO NEW FEATURES:
  • Bandwidth Throttling using Dummynet Pipes and Queues
  • In-App Custom Presets management
  • BANDWIDTH THROTTLING:
  • Dummynet is a bandwidth shaping module already built into OS X. It is used to selectively limit network bandwidth. Pipes and Queues are defined and assigned to Murus managed services and/or NAT groups. It is also possible to issue custom Dummynet rules. To display/collapse Bandwidth Throttling view click METER button in Murus toolbar.
  • Create Pipes:
  • Click the SMALL GEAR button on the top-right to add new Dummynet Pipes. Select a pipe and click the MAGNIFIER button to open the pipe configuration view; configure pipe values using sliders and optionally add Dummynet queues.
  • Limit Managed Services Bandwidth:
  • Select inbound or outbound managed services view, select a service and click its MAGNIFIER button to open the edit view. Click the GEAR button to display service options view. On the bottom-left click UP or DOWN arrows to open a popup menu and assign a Dummynet Pipe or a Dummynet Queue. You can limit upload, download or both. Please note that the same bandwidth limits are applied to both inbound and outbound connections for each managed service. So bandwidth shaping in Murus does not distinguish between inbound and outbound, but only between download and upload.
  • Limit NAT Groups Bandwidth:
  • The same applies to NAT Groups. Select a NAT Group and assign a Pipe or a Queue to download and/or upload. If you want to assign different bandwidth (and priority) to NAT clients you can use Dummynet Queue which offers Worst-case Fair Weighted Fair Queueing policy. For more info about dummynet queues and pipes please look at Murus in-app info button and dnctl man pages. Murus online manual will be updated when Murus 1.3 will be officially released.
  • CUSTOM PRESETS:
  • It is now possible to keep all your favorite Murus configuration into a in-app view. Click the DISK button in Murus toolbar to display the Custom Presets popover view. Click the button to save current Murus configuration as Preset: choose a name, a (optional) description and an icon and save it. To activate a preset select it and click the RIGHT ARROW button. Click its MAGNIFIER button to display info and click the CROSS button to delete it.
  • When you load a Preset you are just importing a Murus configuration. You have to click PLAY in Murus toolbar to update runtime PF rules.

New in Murus 1.2 (May 29, 2015)

  • Improved GUI
  • Improved configuration strategies, presets, wizard. All these features has been grouped.
  • Configuration window has gone, now Configuration view is part of Murus main window and can be displayed/collapsed using the DOUBLE GEAR toolbar button.
  • Groups popover has gone. Groups Library is now displayed on the Libraries view, below the Services Library. Libraries view can be displayed/collapsed clicking the BOOK toolbar button.
  • Murus Tools has been grouped in Tools popup toolbar button.
  • Murus PDF manual has been removed. Murus Help Online is now available. Added contextual help buttons in Murus interface. PF PDF manual is still available for download.
  • Improved custom rules management. Double click a custom rule to delete or edit it.
  • Increased speed when reloading pf
  • Japanese localization

New in Murus 1.2 Beta 2 (May 13, 2015)

  • Increased speed when reloading pf
  • Fixed bugs
  • Adds support for Murus Lite. Now everyone can test Murus 1.2
  • Italian and French localizations are incomplete.

New in Murus 1.2 Beta 1 (May 5, 2015)

  • The interface has been totally redesigned to reflect a pure Yosemite style.
  • The Expanded PF Configuration window and the Murus Groups popover view are gone, and are now part of the main window.
  • All other Tools windows has been redesigned.
  • Wizard, Presets, Welcome page, Strategies and Help page has been grouped.

New in Murus 1.1.2 (Mar 19, 2015)

  • Fixed a bug in Murus ports management.
  • Improved GUI.
  • Introduced configuration strategies. The user can choose between six different firewall configuration strategies. The old Wizard and Presets buttons are two of those six strategies.

New in Murus 1.1.1 (Mar 11, 2015)

  • Fixed a PF groups bug in Murus Lite

New in Murus 1.1 (Mar 5, 2015)

  • Changes:
  • Murus Configuration Wizard: analyze local ports to create a basic firewall configuration following a step by step procedure.
  • Open ports management: check for local listening ports in real time and be notified when an open port is not managed by Murus, or automatically manage ports.
  • Improved custom rules. Added support for custom nat and redirection rules. Added the option to edit existing custom rules. Added support for user-based rules. Improved custom rules GUI.
  • Improved NAT. Added support for multiple LAN interfaces (up to 3), added support for sharing a VPN connection with NAT clients, added option for DNS redirection. Improved NAT logic. Blocking policy between LAN clients and router’s LAN/WAN services can be managed more granularly.
  • Added full support for VLANs.
  • Improved support for custom configurations created disabling the core ruleset. Now both nat and rdr anchors are automatically created. It is possible to mix filtering, nat and redirection rules within a totally custom ruleset.
  • Added Proactivity section in Murus Preferences. Automatically reset port knocking authorizations and blocks and Brute force blocks in background at a given time.
  • Added support for Public Ban Lists. Murus will silently download and update a list of dangerous well-known IP addresses from a given URL, and block all access from/to this list. Default URL is provided by the free emergingthreats.net online service. The URL can be customized.
  • Improved compatibility with Server.app. Now Server.app filtering rules are ignored and do not conflict with Murus rules.
  • Murus is now a signed application to comply with Apple Gatekeeper requirements.

New in Murus 1.0.2 (Jan 19, 2015)

  • Fixed bug while displaying igmp PF states.
  • Fixed minor GUI bugs.

New in Murus 1.0.1 (Jan 19, 2015)

  • Fixed PF log file permissions. Now /var/log/pffirewall.log is set 644 in order to allow non-admin users to run Murus Logs Visualizer.
  • Fixed newsyslog and syslog configuration file management.
  • Fixed bug when adding a new network address to a NAT group using the “verify” option.