Allow delete default rules

[Henrietta1989]

I can't figure out how to delete default rules. I need to delete temporarily some rules to test my setup. Thanks!

[Henrietta1989]

Are you planning feature like this? I need to disable or delete rule for APSD.

[objective-see]

You can manually modify the /Library/Objective-See/LuLu/rules.plist file to disable/delete default rules.

Debating whether this should be allowed via the UI!
(As don't want the average user disallowing required macOS services, etc, then breaking things).

[sschueller]

https://twitter.com/lapcatsoftware/status/1326990296412991489. Trustd should be removed from defaults. Can't block it with Lulu

[android-buildbot]

You can manually modify the /Library/Objective-See/LuLu/rules.plist file to disable/delete default rules.

Debating whether this should be allowed via the UI!
(As don't want the average user disallowing required macOS services, etc, then breaking things).

About that, I can't edit rules.plist because it is unintelligible. VS Code says that it uses an unsupported text encoding.

[calhepburn]

https://twitter.com/lapcatsoftware/status/1326990296412991489. Trustd should be removed from defaults. Can't block it with Lulu

This was 90% reason for me installing LuLu in the first place - if this can't be blocked might as well go to LS.

[Raboo]

Debating whether this should be allowed via the UI!
(As don't want the average user disallowing required macOS services, etc, then breaking things).

Put a small notice that changing "default" rules might break basic OS features and allow the users to decide for them self.
I think people that want a firewall that has a bunch of locked defaults use the built-in firewall in MacOS.

I also want to add that I started using LuLu because of trustd...

[lethargosapatheia]

I would also really like to see such feature integrated into Lulu. People who choose this kind of software are going to know the risks of blocking things. A warning for changing potentially essential rules should be more than enough.
I would also have liked to block apple's ocsp (in view of the recent scandal), but it's considered essential. Eh... :)

[objective-see]

Thanks for the feedback!
...I agreed - I'll work to add this capability.

And I like the idea of warning the user that this might break stuff (this was my sole concern before - but this seems w/ a warning, this is a reasonable compromise)!

Thanks for your patience, will try have a new version out soon w/ this ability!

[objective-see]

Was added to release v2.2.0

[rawtaz]

Slightly confused (not yet using LuLu), your latest reply seems to say that one can delete default rules using the GUI, but at https://objective-see.com/products/lulu.html it says "These rules (which cannot be deleted via the UI) ..". I guess the latter there is outdated? :)

I'm debating switching from LS to LuLu, but there are features I'm missing that feel relevant to keep, e.g. the ability to specify how long to allow/deny a connection when you answer an alert (LS has Until Quit/Logout/Once etc).

[lethargosapatheia]

@rawtaz I am using lulu, but I must say, it's really difficult to use it properly. Too many things are missing, when you start adding dozens of blocking rules, it kind of becomes a mess, you've no idea what you're actually blocking, it's extremely hard to follow what happens. I'm saying this with all due respect. I just don't think it's very practical. The GUI is also lacking. I've opened a few issues related to this which don't cover everything, but I haven't got any answers - which is probably understandable, of course.