FEATURES

  • Firewall Filtering
Firewall Filtering

Use built-in Groups and Services or create your own. Drag and drop Services and Groups to allow services and to assign access permissions. Choose between inclusive or exclusive filtering, fine tune all filtering rules, define the global filtering policy.

  • Firewall Logging
Firewall Logging

Choose the global logging policy, then define a per-service policy. This allows the user to set a fine-tuned logging policy in order to produce a very data consistent and informative log file. Watch video tutorial…

  • Dummynet Bandwidth Management
Dummynet Bandwidth Management

Create Dummynet Pipes and Queues to selectively limit download and/or upload bandwidth. These limits can be applied to managed services and NAT groups. Supports Worst-case Fair Weighted Fair Queueing policy (WF2Q+). Murus supports also custom bandwidth rules giving you all the freedom you need. Watch video tutorial…

  • Expanded PF Configuration
Expanded PF Configuration

This view helps understanding the current PF ruleset. Rules are represented by icons and by text. Each rule features a dynamically generated comment that explains the rule's presence and purpose. Watch video tutorial…

  • Logs Statistics
Ports Management

Check and manage your local listening ports. This tool helps you configuring Murus giving you a view over your Mac current open ports. You can manage them manually or let Murus decide what to do.

  • Port Knocking
Port Knocking

Hide your public services from port scanners and unauthorized access using port knocking. Use the free multiplatform Murus Knocker client to access hidden services from remote computers. Available for Mac, Linux and Windows. Watch video tutorial…

  • Adaptive Firewall
Adaptive Firewall

Protect your public authentication-based services from brute force attacks using adaptive firewall. Each service can be configured to limit the number of connections over time to prevent users to try to guess your services passwords.

  • Advanced Filtering
Advanced Filtering

Advanced filtering options are grouped in a small popover view. Every option has an icon that appears also on services visual representation.

  • Predefined Presets
Predefined Presets

Starting a firewall configuration from scratch can be hard. Presets are a way to start very basic rulesets chosen from a small list. Each preset comes with a small description. Activate a preset and then modify it to suit your needs. Watch video tutorial…

  • Custom Rules
Custom Rules

The Rule Assistant lets the user build a custom PF rule by selecting popup buttons and checkboxes. The advanced mode lets the user create a hand made rule.

  • Fully Customized Rulesets
Fully Customized Rulesets

For highly-specialized needs, the user can disable Murus' core ruleset infrastructure and enter this fine-grained PF configuration mode.

  • Realtime PF Browser
Realtime PF Browser

This view shows current runtime PF rules in a table based browser. Double click an anchor name or use the toolbar buttons to browse the PF ruleset anchors structure to display filtering, nat and forwarding rules.

  • NAT and Port Forwarding
NAT and Port Forwarding

Share your internet connection with other computers or smartphones and tablets using NAT. Define a per-client or per-group access policy, in order to block unwanted services. Export LAN services to the Internet with port forwarding.

  • Accounting
Accounting

Monitor traffic on a per-user and per-service basis, for both inbound and outbound connections. Accounting can be applied to NAT clients as well.

  • PF States Inspector
PF States Inspector

List current connections and of all the corresponding active PF states. Inspect a state and see information about IP addresses, ports, and the rule that generated the PF state.

  • Hosts Inspector
Hosts Inspector

Each service can be monitored in realtime to list the remotely connected hosts. Both inbound and outbound managed services can be monitored. Murus displays also dns, whois and geoip information about connected hosts.

  • Logs Statistics
Logs Statistics

Analyze PF firewall log files including archived files, and display statistics for addresses and ports. Inspect blocked/passed inbound and outbound traffic, set the amount of data to display and zoom in each port to see the list of blocked addresses.Watch video tutorial…

  • Realtime Logs and Notifications
Realtime Logs and Notifications

Murus Logs Visualizer offers multiple ways to display realtime PF logs, including a simplified view of log entries. Each entry can be analyzed to display addresses, ports, statistics. Each inbound service can be configured to post notifications using the macOS notification system for both passed and blocked connections. Watch video tutorial…

  • Logs Statistics
Proactivity

Download publicly available lists of dangerous IP addresses to block all inbound and outbound traffic from/to these hosts. The list URL can be customized, you can choose your favorite provider.

  • Logs Statistics
Wizard

Let Murus analyze your Mac and manage the right services for you. The configuration wizards is the best way to start using Murus. Watch video tutorial…

  • Interfaces Management
Interfaces Management

List, inspect, monitor and manage all your network interfaces. This view displays all available interfaces with their BSD name. Information view displays PF counters and parameters. Traffic flowing through an interface can be sniffed and filtered for ports and protocols.

  • Interfaces Management
Country Groups

Create Murus groups for each country reading Regional Internet Registries records. Subnets lists are donwloaded from official sources and aggregated to optimize firewall performance. Murus lets you keep your Country Groups definitions up to date in just one click. These groups can be used as normal groups, they can be assigned to services, black list, or can be used to craft custom filtering and bandwidth rules.

  • Interfaces Management
Apps interactions

Murus can interact with its companion apps Murus Logs Visualizer and Murus Services as well as third party applications and scripts. You can select IP addresses in Visualizer and put them in Murus black list or in a new or existing Murus group. Or you can select a service you run on Murus Services, and define firewall rules in one click. Interaction with third party apps and scripts is granted by Murus Agent, a free and open source shell command that can be integrated in custom shell scripts or included in your Swift app source code.