IP Blocklist / Blacklist Manager for Mac OS X

Is there an IP address block list manager for the latest versions of OS X similar to Peer Block or Peer Guardian?  I need the ability to block communication between my Mac and thousands of IP addresses without slowing things down.  The block list manager should be able to import a list containing hundreds of thousands of IP addresses in a common format and prevent incoming and outgoing communication between the Mac and IP addresses in the list.
jd1114Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Owen RubinConsultantCommented:
Off the top of my head, have a look at Little Snitch which is way I use.  You can get a trial here: https://www.obdev.at/products/littlesnitch/index.html

It has its own idea of how rules, allow, and block work, but it also runs interactively and tells you when a program is trying to get in or out, and lets you block or approve it immediately, forever, or until you quit the app. It can be a bit annoying in interactive mode for the first week or so while new connections get known, but gets less annoying soon, so that pop-ups of the app finding a new connection get your attention.

the interface looks like this:

Screen-Shot-2019-02-28-at-4.47.41-PM.png
Owen RubinConsultantCommented:
There is also the built in firewall, It is under System Preferences->Security & Privacy, then select Firewall. You can add rules there as well. Its interface is a bit more basic, but probably will do what you want.

Screen-Shot-2019-02-28-at-4.50.52-PM.png
Eoin OSullivanConsultantCommented:
OSX Firewall has 2 built in components .. Application Firewall and PF (Packet Filter)

There is a fairly basic interface in the OSX Setting panel .. if you're comfortable with Command Line you can customise settings also in Terminal

There are a couple of applications Murus and Vallum that have a better and more comprehensive interface on these Firewalls
https://vallumfirewall.com/
https://www.murusfirewall.com/

Little Snitch is primarily an OUTBOUND firewall/filter and allows you to stop/block outgoing traffic but is not really useful for incoming.  I use it .. but on the understanding that its outbound-only

Your specific requirements to block a long list of IP addresses
You can get PeerGuardian for OSX - https://sourceforge.net/projects/peerguardian/
Use Murus Lite (the free version) which can also import a blacklist of IPs

In terms of outgoing connections you could also use a program like Gas Mask to import a load of IPs into your HOSTS file which can block all outgoing traffic
https://github.com/2ndalpha/gasmask


https://www.obdev.at/products/littlesnitch/index.html
Your Guide to Achieving IT Business Success

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

nociSoftware EngineerCommented:
fail2ban can be used: See also this reference.
It does require to rework the binary logs though:  https://sourceforge.net/p/fail2ban/mailman/message/36279745/
serialbandCommented:
It's easier to install fail2ban through Homebrew (https://brew.sh) and use a standard linux tool.  Unfortunately, they removed ipfilter, a standard bsd firewall (equivalent to iptables on linux) so you can't have equivalent settings and have to learn a different set of command tools.

Here's
http://krypted.com/mac-security/command-line-firewall-management-in-os-x-10-10/
jd1114Author Commented:
Thank you all for your comments.  Eoin, do you have experience with or knowledge of Murus Lite (or the full version) being able to use a black list containing hundreds of thousands of IPs without slowing down the system or freezing?  

Also, it appears that PeerGuardian is no longer developed for OSX so would not work on the current version.  It would be an excellent solution otherwise, though.
Eoin OSullivanConsultantCommented:
I've played with Murus Lite .. but to be honest never pushed it with more than 100 IPs .. hundreds of thousands could well be an issue.  Suck it and see or email the developer for guidance.  To be honest your requirement sounds like it would be best handled by a hardware (or VM device) on your LAN as that level of blocking/checking is more suited to a dedicated device rather than trying to do it inside an OS which is not optimised for filtering network traffic.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.