Why no passive-block mode?

[POMATu]

There is only passive-allow mode for some reason which probably makes sense if you just wanna limit certain apps, but i want to limit all apps except the ones i am using
and i dont want to allow apple stuff to go to internet which makes windows pop up every now and then there is no end for apple's shit calling home

passive-block mode would be very convenient in this case

[objective-see]

Interesting.
Just to double check, the logic would be?

1. Silently apply existing rules
2. New connections would be silently blocked (but no rules would be created)

[POMATu]

• Silently apply existing rules

• New connections would be silently blocked (but no rules would be created)

yes, example of use case is pretty simple:

1. Install macOS
2. Install Firefox
3. Only allow firefox to go to internet and maybe DNS too
4. Install another app later and whitelist it too

Thats it, no any other bs needs to access internet:

after some time i got bored taking screenshots but it was like this for 10-20 boots maybe:

now its a bit more chill but still popping up sometimes, also my lulu configuration is bloated with a lot of deny profiles for the apps that i dont even know what they are doing because i had to press block to shut it up on each popup. So yh LuLu does not have whitelist mode at all at this point

And yes i am able to use macOS just fine like that (i am not using any apple services). As a bonus my airpods are not allowed to do firmware update without my consent too

[objective-see]

Thanks for the additional information, yes ok, that makes a lot of sense. Will be in (soon to be released) next version:

[objective-see]

Will be added in v3.0, though the pre-release now already has this: