[joncp]

That totally breaks my use case for Little Snitch: working tethered. When I tether my laptop it thinks it has free reign with the bandwidth and all of the little background processes can kill my data in a few minutes. With a firewall, I can grant access to only the processes that I need to get my work done.

Now, I guess I have to run some external firewall between my laptop and my phone. ... or better yet, abandon Apple.

[chrisshroba]

For what it's worth, my hacky solution to this is this script which kills all the background processes that use significant bandwidth. If you're interested in how I came up with the list of processes, I can share the BitBar [1] script I wrote for monitoring per-process network usage (I wrote a small wrapper around nettop that logs to a db, which is read periodically by my BitBar script to show me the per-process usage:

    if [ $(whoami) != root ]
    then
      echo "Please run as root, not $(whoami)"
      exit
    fi

    while true
    do
      killall -9 planb 2>/dev/null && echo "$(date) - Killed planb"
      killall -9 murdockd 2>/dev/null && echo "$(date) - Killed murdockd"
      killall -9 uplink-soecks 2>/dev/null && echo "$(date) - Killed uplink"
      killall -9 nsscacheclient 2>/dev/null && echo "$(date) - Killed nsscacheclient"
      killall -9 ksfetch 2>/dev/null && echo "$(date) - Killed ksfetch"
      killall -9 nsurlsessiond 2>/dev/null && echo "$(date) - Killed nsurlsessiond"
      killall -9 softwareupdated 2>/dev/null && echo "$(date) - Killed softwareupdated"
    done

[1]: https://github.com/matryer/bitbar

[GekkePrutser]

Won't Launchd simply start them all up again? It'll be simpler to disable the launchDaemons :P

And really, put a sleep in there of at least a second or so or this'll be a huge resource hog.

[chrisshroba]

> Won't Launchd simply start them all up again?

Yeah, that's why it's running an infinite loop heh

> It'll be simpler to disable the launchDaemons

Simpler that just nuking them with kill -9? No way. Better in literally every other way? Absolutely

> or this'll be a huge resource hog

That's a fair suggestion, but I'm seeing 0.0 CPU and MEM consumption, so I'm not too concerned

[droopyEyelids]

please share the script for monitoring per-process network usage! I'd love it.

[chrisshroba]

I just pasted the relevant files in here. At some point I'll try to make this a bit more professional and easy to use, but for now it works!

https://gist.github.com/chrisshroba/e31fd89b6a560733d3f915e8...

(ps if having an easily installable version of this would be helpful to anyone reading this, please comment or upvote this and maybe I'll prioritize it :) )

[Xavdidtheshadow]

I use Trip Mode for that (https://tripmode.ch/). Though, it's not unlikely it'll have the same issues described in the OP, it does seem to block Apple stuff on Mojave.

[joncp]

Unfortunately, it appears that Tripmode can't filter it either: https://medium.com/tripmode/apple-started-hiding-the-traffic...

[Terretta]

I had replied to parent as well, but then saw your note. So I deleted, and pasting my agreement here:

> free reign with the bandwidth and all of the little background processes can kill my data in a few minutes

New: TripMode 3, made for macOS 11 Big Sur. Easily control your Mac's data usage on slow or expensive networks.

Drastically optimize your Mac’s data usage by automatically blocking unwanted background updates. Keep control with the new live monitor and data usage reports. Reveal domains where your apps send your data to. Now with a redesigned, easier than ever UI.

https://tripmode.ch

[Ensorceled]

Yeah, I tethered my MBP on the train and it used my entire 4GB data plan in about 15 minutes downloading an OS update.

Glad to know stopping shit like that is no longer an option.

[lilyball]

Last year Apple introduced 2 flags on the network: “constrained” (the Low Data Mode toggle) and “expensive” (most cellular and personal hotspots). These are intended to let the app make intelligent decisions about what network requests to do. For example, “expensive” networks should disable background or speculative fetches and only fetch what the user asked for.

Presumably Apple apps that bypass the network filter are making use of these flags already, to avoid unnecessary network traffic.

[LdSGSgvupDV]

Is there no chance for little snitch to block app store? I just have a demo ver of little snitch and will buy it for blocking all apple service. I always connect the internet through my phone outdoors. The bandwidth is limiting...