mirrors/Mole
1
0
Fork 0
mirror of https://github.com/tw93/Mole.git synced 2026-02-04 13:16:47 +00:00
Code Activity

feat(check): detect third-party firewalls before built-in check

Browse Source 
(#374)

    Support Little Snitch, LuLu, Radio Silence, Hands Off!, Murus, Vallum.
This commit is contained in:
tw93
2026-01-27 20:04:29 +08:00
parent 54259d6df1
commit 8b9436e244
1 changed files with 24 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
lib/check/all.sh
View File

@@ -112,8 +112,31 @@ check_filevault() {
check_firewall() {
# Check whitelist
if command -v is_whitelisted > /dev/null && is_whitelisted "firewall"; then return; fi
# Check firewall status using socketfilterfw (more reliable than defaults on modern macOS)
unset FIREWALL_DISABLED
# Check third-party firewalls first (lightweight path-based detection, no sudo required)
local third_party_firewall=""
if [[ -d "/Applications/Little Snitch.app" ]] || [[ -d "/Library/Little Snitch" ]]; then
third_party_firewall="Little Snitch"
elif [[ -d "/Applications/LuLu.app" ]]; then
third_party_firewall="LuLu"
elif [[ -d "/Applications/Radio Silence.app" ]]; then
third_party_firewall="Radio Silence"
elif [[ -d "/Applications/Hands Off!.app" ]]; then
third_party_firewall="Hands Off!"
elif [[ -d "/Applications/Murus.app" ]]; then
third_party_firewall="Murus"
elif [[ -d "/Applications/Vallum.app" ]]; then
third_party_firewall="Vallum"
fi
if [[ -n "$third_party_firewall" ]]; then
echo -e " ${GREEN}${NC} Firewall ${third_party_firewall} active"
return
fi
# Fall back to macOS built-in firewall check
local firewall_output=$(sudo /usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate 2> /dev/null || echo "")
if [[ "$firewall_output" == *"State = 1"* ]] || [[ "$firewall_output" == *"State = 2"* ]]; then
echo -e " ${GREEN}${NC} Firewall Network protection enabled"