Little Snitch 5 Help

The rule set

Little Snitch’s behavior is predominantly defined by a set of rules. When Little Snitch sees a new connection attempt, it first consults the rule set. If any matching rules are found, the one with the highest precedence determines the action taken. If none is found, the default action is taken: In Alert Mode, a connection alert is shown and in Silent Mode the connection is immediately allowed or denied.

In order to learn whether a rule matches a particular connection, see section Anatomy of a rule. It describes the rule’s properties and explains how they relate to connections.

In the rest of this section we'll explain what happens if multiple rules in the rule set match the connection. The general concept is that more specific rules take precedence over (they override) more general rules. This concept is easy to remember and in most cases it’s obvious which rule is more specific.

Comparing precedence of two rules

In order to find the rule with the highest precedence among matching rules, it must be possible to compare rules by precedence. The algorithm is as follows:

Sort by precedence

Determining rule precedence by hand may be tedious. Little Snitch Configuration can help. See section Inspect and analyze rules for more information about analyzing rule precedence with Little Snitch Configuration.


Was this help page useful? Send feedback.
© 2016-2024 by Objective Development Software GmbH