Softpedia >Mac >Network/Admin >Vallum >  Changelog

Vallum Changelog

What's new in Vallum 4.1.3

Nov 2, 2023
  • Added compatibility with macOS Sonoma.
  • Bug Fixes

New in Vallum 4.1.1 (Sep 27, 2023)

  • Bug Fixes

New in Vallum 4.1 (Sep 27, 2023)

  • Added compatibility with macOS Sonoma.
  • On macOS Sonoma Vallum needs authorization to access macOS Location Services in order to report current SSID and to provide rules conditions functionality.

New in Vallum 4.0.14 (Apr 20, 2023)

  • Bug Fixes

New in Vallum 4.0.13 (Feb 23, 2023)

  • Bug Fixes

New in Vallum 4.0.12 (Nov 18, 2022)

  • Bug Fixes

New in Vallum 4.0.11 (Jul 3, 2022)

  • Fixed localizations issues
  • Fixed bug in preferences controls

New in Vallum 4.0.10 (Jun 15, 2022)

  • Added option to disable Packet Filter Provider.
  • Packet Filter Provider is a component of Vallum core, AFW.
  • Packet Filter Provider tries to determine an outbound connection target hostname even if the original network flow lacks this information. Unfortunately, due to a macOS bug, using Packet Filter Provider may cause issues in some rare circumstances when using third party VPN apps or when using usb-ethernet adapters.
  • Packet Filter Provider is now disabled by default when installing Vallum for the first time.
  • When upgrading to Vallum 4.0.10 from older Vallum 4 versions Packet Filter Provider will be enabled.
  • To enable/disable Packet Filter Provider click the corresponding checkbox in Vallum Preferences -> Filter.

New in Vallum 4.0.9 (Mar 1, 2022)

  • Fixed a bug in inbound group matching.

New in Vallum 4.0.7 (Nov 14, 2021)

  • Bug fixes.

New in Vallum 4.0.3 (Jul 27, 2021)

  • Added option to require authentication in order to modify/disable the firewall.
  • Added option di disable flow's hostname strict validation.
  • Added Italian and Spanish localizations.
  • Bug fixes.

New in Vallum 4.0.2 (Jun 17, 2021)

  • Vallum Flows Monitor engine can be disabled to save CPU resources. On Intel-based Macs it's disabled by default.
  • Improved and secured inter-process communication between Vallum, Vallum Configurator and Vallum System Extension.
  • Removed "Network Status" tab, added Network Status bar to Vallum Configurator. This bar on the bottom of Vallum Configurator window displays current connection information such as connection type, status, WiFi SSID, active interfaces, gateways.
  • Improved energy management.
  • Added bandwidth throttling button. This opens Snail app. Snail is free for all Vallum registered users.
  • Bug fixes.

New in Vallum 4.0.1 (May 25, 2021)

  • Vallum Flows Monitor is back. Open it from Vallum menulet. Right-click on flows table to display contextual menu and drop/block connections.
  • Filter optimization
  • Bug fixes

New in Vallum 3.3.2 (Mar 26, 2020)

  • Improved compatibility with Murus 2 beta
  • Minor bug fixes

New in Vallum 3.3.1 (Aug 30, 2019)

  • Fixed bug that in some cases prevents Vallum from starting correctly on macOS 10.14.5 and later
  • Afw kext is now stapled
  • Pf helper is compatible with Murus 2 beta
  • Bug fixes

New in Vallum 3.3 (Jun 7, 2019)

  • Changes:
  • Fixed bug that may cause the afw helper to crash
  • Added new privileged helper for pf-related tasks. This helper is shared with the upcoming versions of Scudo and Murus
  • Improved apps bandwidth management

New in Vallum 3.2 (May 7, 2019)

  • Changes:
  • App management paradigm has changed:
  • Previous versions of Vallum managed apps as bundles when possible, all rules where generated based on app’s bundle path. The only exception was the possibility to match a notification by binary path. Vallum 3.2 uses main process absolute path instead of bundle path. Should an app bundle contain more than one binary executable, you are able to assign different rules to those files.
  • Additionally, previous Vallum releases where able to identify processes only by their path.
  • Vallum 3.2 introduces a new way to identify processes: signature fingerprint.
  • Signed apps are identified by the “AFW stamp”, a string representing some parameters read from app’s signature. Each signed app generates a different and unique AFW stamp, which is supposes to remain unchanged across app updates. This fingerprint is used (optionally) in place of absolute path to create firewall rules. This ensures that when you assign a rule to a signed process, rule is valid only for that process. Should the original file be replaced by a fake one using the same name/path, Vallum will not match it, it will be considered as a different process. Please note that AFW stamp is not a hash. While the hash refers to the binary file itself, AFW stamp is generated reading the app signature.
  • Each app/process can be matched by path or by signature stamp. Additionally, apps set as “custom” can contain custom rules by path, by stamp or a mix of the two. You are totally free to choose how to match a process, and you can always change it on the fly.
  • Notification window also offers a new cleaner interface with a new large popup button where the user can choose how to match the process: absolute path, name or signature.
  • Vallum now displays a more detailed app info panel. Now it displays all information included in the signature. Additionally, Vallum performs some checks:
  • Unsigned apps: Vallum warns you when a app/process is not signed
  • Signature validity: Vallum warns you when an app/process has an invalid signature
  • Certificates validity: Vallum validates all certificates used to sign an app.
  • Vallum Apps Monitor:
  • Vallum 3.2 introduces an important new feature: network monitor. This window displays currently connected apps, and for each app the list of currently connected IP and ports. From Vallum Monitor it is possible to directly block all connections from an app, or only a single connection to a specific IP or port. Additionally, Vallum Monitor displays the amount of traffic generated by each app or process.
  • Even if Vallum Monitor looks like a simple Vallum window, it is an independent app using a dedicated privileged helper. It does not display any icon in the dock or in menu bar. Vallum Monitor automatically quits (and closes its privileged helper tool) when the window is closed. This ensures that all resources and memory used by Vallum Monitor are freed when you don’t need it any more. Vallum Monitor app bundle is inside Vallum.app app bundle, however it can be used even if Vallum is closed, as it does depend on Vallum in any way.
  • When opening Vallum Monitor for the first time you may be requested to enter the administrator password. This is because Vallum Monitor needs to install its privileged helper tool vallummonitord. You just need to do it once. Once done, Vallum Monitor will automatically start after a few seconds.
  • Bandwidth throttling:
  • Vallum 3.2 allows you to throttle apps bandwidth. Each app can be throttled independently. You can limit upload and/or download bandwidth in a transparent and easy way from Vallum app editor: double click an app icon to display app editor window, select “Bandwidth” tab then check “Limit upload bandwidth” and/or “Limit download bandwidth”, set the speed and that’s it. All changes are immediately active at runtime.

New in Vallum 3.1 (Jan 11, 2019)

  • Swift code converted to version 4.2
  • added option to override dark mode settings
  • fixed bugs in rule editor
  • fixed memory leaks
  • changed authorization system, now using default macOS authorization view
  • now it is easier to reorder custom global rules, mouse cursor changes its shape when you drag a rule over an acceptable position
  • fixed bugs in real time logs viewer
  • fixed rule matching bug for “by name” rules assigned to binaries inside app bundles
  • added “Binary match” option to notification window for app bundles; when this option is checked rule will be created using the original binary path/name instead of bundle path/name
  • added popup menu to notification window to copy connection parameters to clipboard
  • improved notification description now includes both IP address and hostname when available
  • Vallum and its components are now notarized using the official Apple notarization service

New in Vallum 3.0.4 (Dec 4, 2018)

  • Changes:
  • minor bugs fixed

New in Vallum 3.0.3 (Nov 11, 2018)

  • Minor bugs fixed

New in Vallum 3.0.2 (Nov 7, 2018)

  • Notification window displays the original DNS name, not the reversed one
  • Fixed bugs in rule editor window
  • Fixed XPC bug with Safari 12
  • Improved support for dark mode
  • Fixed bug in Vallum locking/unlocking
  • Improved compatibility with macOS 10.14 Mojave
  • Minor bugs fixed

New in Vallum 3.0.1 (Jun 23, 2018)

  • Minor bugs fixed.

New in Vallum 3.0 (May 18, 2018)

  • Everything is changed under the hood, Vallum 3 is really different from older versions. However the most basic features are the same, just drag apps and folders icons from the macOS Finder to Vallum window to block them.
  • Unlike older versions Vallum 3 features a global set of rules which is displayed on bottom side of main window. Ruleset can be edited managing apps, folders, groups, users or adding custom rules and answering notification popup alerts.
  • Every app or folder has its own set of rules. These rules can be generated by Vallum, or by answering notification popup alerts or adding custom rules. Rules order can be changed at any time and rules can be deleted or edited. Unlike previous Vallum versions you are totally free to choose rules order. Additionally, Vallum 3 rules feature a much more complex structure, very similar to pf rules in both syntax and logic.
  • Group management allows you to create groups just like Murus. Vallum groups are translated into afw runtime tables just like Murus groups are translated in to pf runtime tables. Some predefined groups are already available, including all nations groups.
  • Vallum is now multiuser. You can protect your non-admin users from unwanted connection or schedule their network access policy. Non-admin users can be managed transparently without requiring their acknowledgement or interaction. Each rule can be effective on all users or a specific user.
  • Vallum logging system is much more powerful than previous versions. It is now possible to set the “log” flag for each rule. Logs are stored in a SQLite db, Vallum provides several ways to analyse logs including recursive queries, pie charts, monthly and daily graphic reports and comparisons.
  • Configuration Assistant is now easier and allows you to configure Vallum in a few seconds.
  • Vallum 3 is based on afw, a free kernel-based socket filter. Afw can be controlled from the shell terminal using the afwctl command. afw man pages are included in Vallum documentation.
  • Notification popup alerts improvements: it is now possible to pass/block a connection by IP and port, or by group and nation, or it is possible to pass/block a directory included in process path. Then you can set parameters like log, quick, or choose to apply the answer rule to all users or only current user. It is also possibile to choose whether to block an app by path or by name.
  • Improved GUI: drag and drop rules between apps or addresses between groups to duplicate, copy/paste apps ruleset, rules and addresses, multiple selections… and much more.

New in Vallum 3.0 Beta 3 (Mar 22, 2018)

  • Everything is changed under the hood, Vallum 3 is really different from older versions. However the most basic features are the same, just drag apps and folders icons from the macOS Finder to Vallum window to block them.
  • Unlike older versions Vallum 3 features a global set of rules which is displayed on bottom side of main window. Ruleset can be edited managing apps, folders, groups, users or adding custom rules and answering notification popup alerts.
  • Every app or folder has its own set of rules. These rules can be generated by Vallum, or by answering notification popup alerts or adding custom rules. Rules order can be changed at any time and rules can be deleted or edited. Unlike previous Vallum versions you are totally free to choose rules order. Additionally, Vallum 3 rules feature a much more complex structure, very similar to pf rules in both syntax and logic.
  • Group management allows you to create groups just like Murus. Vallum groups are translated into afw runtime tables just like Murus groups are translated in to pf runtime tables. Some predefined groups are already available, including all nations groups.
  • Vallum is now multiuser. You can protect your non-admin users from unwanted connection or schedule their network access policy. Non-admin users can be managed transparently without requiring their acknowledgement or interaction. Each rule can be effective on all users or a specific user.
  • Vallum logging system is much more powerful than previous versions. It is now possible to set the “log” flag for each rule. Logs are stored in a SQLite db, Vallum provides several ways to analyse logs including recursive queries, pie charts, monthly and daily graphic reports and comparisons.
  • Configuration Assistant is now easier and allows you to configure Vallum in a few seconds.
  • Vallum 3 is based on afw, a free kernel-based socket filter. Afw can be controlled from the shell terminal using the afwctl command. afw man pages are included in Vallum documentation.
  • Notification popup alerts improvements: it is now possible to pass/block a connection by IP and port, or by group and nation, or it is possible to pass/block a directory included in process path. Then you can set parameters like log, quick, or choose to apply the answer rule to all users or only current user. It is also possibile to choose whether to block an app by path or by name.
  • Improved GUI: drag and drop rules between apps or addresses between groups to duplicate, copy/paste apps ruleset, rules and addresses, multiple selections… and much more.

New in Vallum 2.3.2 (Aug 25, 2017)

  • Improved compatibility with macOS 10.13 High Sierra
  • Bugs Fixed

New in Vallum 2.3.1 (Jun 23, 2017)

  • Bugs Fixed

New in Vallum 2.3 (Jun 15, 2017)

  • Bugs fixed.

New in Vallum 2.2.1 (Mar 29, 2017)

  • Added option to enable/disable scrolling in logs view
  • Improved overall stability

New in Vallum 2.2 (Mar 8, 2017)

  • Bugs fixed

New in Vallum 2.1 (Dec 12, 2016)

  • Lock/unlock the firewall providing administrator password. Administrators can use Vallum to constrain normal users connectivity
  • Improved apps rules logic, now it is possible to add both blocked and passed records to both inclusive and exclusive apps
  • Added contextual menus for all lists
  • Copy/Paste IP addresses, hostnames and apps rulesets from contextual menus
  • Pass/block apps, ports or IP addresses from logs contextual menu
  • Improved GUI readability and usability
  • Show per-apps logs in apps popover view
  • Fixed Murus interaction bugs
  • Minor bugs fixed

New in Vallum 2.0 (Nov 23, 2016)

  • improved TCP and UDP filters, now the filter matches all processes and all TCP/UDP connections
  • added a new layer of rules: global network rules
  • simplified notification window
  • step by step configuration assistant
  • improved predefined strategies
  • new GUI now displays all rules in the same window
  • enable/disable the firewall directly from Vallum icon near the macOS clock
  • added support for IPv6 subnets in rules
  • pass/block subnets from notification alerts
  • improved overall stability
  • support for multiple users and fast user switching
  • dropped support for OS X 10.9 Mavericks
  • trial policy has changed, now all features are available in trial mode. The only trial limitation is a popup reminder every 4 hours.
  • minor improvements such as confirmation dialogs, sort apps alphabetically, and such
  • notification alerts appear always in the center of active screen.
  • optional set of icons for increased readability or color blind users
  • dark theme
  • bug fixes
  • improved documentation

New in Vallum 1.3.1 (Nov 23, 2016)

  • Improved stability when using two or more monitors

New in Vallum 1.3 (Oct 10, 2016)

  • Vallum code ported to Swift 3
  • improved interface now uses modal panels and progress indicators
  • simplified registration process
  • app view displays a question mark when a managed app is missing
  • added option to hide popup message when automatically switching preset
  • added option to hide splash screen at Vallum startup
  • added option to enable app's signature verification in apps view (disabled by default)
  • signature verification speed improved, bundle resources are ignored
  • changed Vallum configuration location, now in /etc
  • changed Vallum configuration file format to binary however old text based xml file can be used. It is also possible to export text based configurations keeping the ALT/OPTION key pressed while Vallum Tools menu is open.
  • notification alerts 'silence' button is always unchecked in new alerts
  • bug fixes

New in Vallum 1.2 (Sep 9, 2016)

  • App signature information is back like in Vallum 1.0 and early 1.1 betas. Each app displays an icon to inform whether the app is signed or not.
  • Logging kernel extension removed. Now the Vallum core relies on a single network kernel extension which takes care of both filtering and logging.
  • Logs window now displays if a connection is passed or blocked. Blocked connections are red.
  • Fixed permissions, now Vallum can be used by non-admin users on Sierra.
  • Logs window now displays the responsible app for an XPC service connection ("via" connections).
  • Added automatic XPC services management.
  • Exclusions behavior has changed. Now apps that match an exclusions are not displayed in main apps view. Managed apps do override exclusions.
  • Vallum user guide is now online and available in-app as well.
  • Improved GUI with new buttons to add/remove exclusions and view log file.
  • Added confirmation dialogs.
  • Log apps connections to file.
  • Log file rotation.
  • Improved custom presets management.
  • Bug fixes.

New in Vallum 1.1 (Jun 27, 2016)

  • Changes:
  • added option to pass/block port from notification popup alert.
  • added two new app statuses: inclusive and exclusive apps.
  • apps records can now be edited in app popover view.
  • edit apps rules adding/removing IPv4 addresses, IPv6 addresses, hostnames, IPv4 CIDR subnets, ports, port ranges.
  • via connections: when possible, agent displays app responsible for an xpc helper connection.
  • apps can be sorted by status, type or signature.
  • apps can be filtered by name (in "big icons" view mode) or searched by name (in "list" view mode).
  • apps logs can be filtered by process name or address.
  • option to change apps labels colors.

New in Vallum 1.0 (Apr 29, 2016)

  • First public release.
  • How to update from earlier betas:
  • Please uninstall old Vallum 1.0 private betas using the old in-app uninstaller before running this new Vallum 1.0 release.
  • Old Vallum 1.0 private betas configuration files are not compatible with this Vallum release and must be trashed.
  • Firewalls:
  • Please stop the OSX ALF firewall in System Preferences and uninstall third party firewalls like RadioSilence, Hands Off, TCPBlock, Little Snitch before running Vallum.

New in Vallum 1.0 Beta (Apr 7, 2016)

  • First public Beta