GlowWorm FW Lite
About Download Contact Support History Screenshots Developer
What are Rules?

Rules are a means by which one can impose network restrictions upon the applications on one's computer. Each Rule specifies one of the actions: Allow, Deny, Ask. If a network event matches on an "Ask" rule, an authorization dialog window will appear, it will show you the details of the event (the application name, the remote IP address, port number, approximate geographic location, etc.) and based on that information you can make a decision about whether or not to allow it. By customizing the set of rules to strictly match the specifics of your computer use, you can have an extra level of security in place, which can alert you if an application starts doing something unexpected ("phoning home"), or a malicious program tries to contact another computer.

How do I find the Rules window?

Switch to the GlowWorm application (the application name should appear just to the right of the Apple menu). Click on the File menu, and go down to Edit Rules. Alternatively, press Apple+R. The Rules window should appear, or just come to the front if it is already open.

How do I add a new Rule?

There are two "starting points" for adding Rules. You can click the + (plus) button on the bottom-left of the Rules window. This will add a Rule to the top of the active Rule set. You can then edit that Rule to your liking. Alternatively, when the Authorization alert window is present, you can choose to remember that action 1) permanently, 2) until GlowWorm quits or 3) until the machine reboots. Each of these actions results in a Rule being added to the appropriate Rule set. You can customize these Rules after they are added.

How do I delete an existing Rule?

Select a Rule from one of the Rule Sets by clicking once on it. Then click on the minus ("-") button on the bottom-left of the Rules window.

How do I switch between the "Main", "System", "Quit" and "Reboot" Rules?

Select the Rule Set that you wish te view from the popup menu in the bottom-right of the Rules window.

What are the "Main" Rules?

The Main Rule Set are those Rules which you can safely customize. When you add a new Rule via the Authorization dialog, it will appear at the top of the Main Rules. If you want to manually add a rule pertaining to an application which is not included by default, this is the best place in which to add it.

What are the "System" Rules?

The System Rules are the various rules that allow Mac OS X to continue to function properly. Nothing (besides sanity) prevents one from modifying these rules, but care should be taken, because several of them are absolutely necessary. Modify at your own risk. Don't come crying to me. If you accidentally delete or otherwise modify these, you can simply quit GlowWorm remove the system.rules file from ~/Library/Application Support/GlowWorm FW Lite/Rules/system.rules and then start GlowWorm again. You will be prompted to re-install that missing file. It should then be back to the "factory default".

What are the "Quit" Rules?

The Quit Rules are those rules which are active until the applicable application quits. Thus, if you establish a Quit rule for a particular application, when that application quits, the rule will expire and eventually disappear. Like magic. There are no Quit rules by default.

What are the "Reboot" Rules?

The Reboot Rules are those rules which are active until you reboot your machine. Thus, if you establish a Reboot rule, the next time you reboot your machine and start GlowWorm, the rule will expire. There are no Reboot rules by default.

How do I change the Address of a Rule?

La la la.

How do I change the Port Number (or range) of a Rule?

All of the editable values of a Rule are edited by double-clicking on the value you wish to edit. Double-click on the port number and a sheet will appear at the top of the Rules window. You can provide a port number or a port range.

How do I change the Application for a Rule?

All of the editable values of a Rule are editable by double-clicking on the value you wish to edit. Double-click on the Application name and a File Choose dialog will appear from the top of the Rules window. You can select a Mac OS X Application bundle or a Unix executable (type a "/" (forward slash) to get a path prompt for hidden directories). Select the application or executable and click "Okay".

How do I temporarily disable a Rule?

Click the checkbox in the "On" column for the rule which you wish to temporarily disable. While the checkbox is checked, the rule is enabled. Un-checking the checkbox is a convenient way to disable a Rule without having to delete it.

How do I install GlowWorm FW Lite?

After downloading the GlowWorm disk image, double-click on the file to mount it (you don't really allow your web-browser to automatically post-process "safe" files, do you?). A new window should appear, as depicted in the screenshot to the left. Drag the GlowWorm icon to the Applications alias icon immediately to its left. Take five. Get something to drink. Come back when you've caught your breath, and then run the program.

How does the registration process work?

The information submitted in the registration form is checked for the required values and sent to an off-site registration server. This registration server adds the information to a database and creates the XML which describes the feature set which should be enabled in GlowWorm, along with various bits of the information the registrant submitted (name, email, etc.). That XML is hashed using the sha2-512 algorithm, and the hash is signed using the ElGamal signature scheme. The two values of the signature, r and s are base-64 encoded (they comprise the top of the registration code), and the XML itself is also base-64 encoded (it comprosises the bottom of the registration code). With a signed registration code now available, it is emailed off to the registrant where it can be copied-and-pasted (or typed, if the registrant is particularly masochistic) into GlowWorm. See the next question for more details on how the registration code is actually used.

How does the registration code work?

Having received the registration code via email, it can be copied-and-pasted into GlowWorm, where it is chopped up into individual lines, and parsed for its three components. Presently, the first four lines represent the base-64 encoded r value of the ElGamal signature, while the second four lines represent the base-64 encoded s value of the ElGamal signature. The XML which specifies the allowable feature set and registrant information is also base-64 encoded, and it comprises all of the rest of the registration code. All three values are decoded, the XML is sha2-512 hashes, and the signature is verified. Once verified, the signature is stored on disk (~/Library/Application Support/GlowWorm FW Lite/RegCodes/) and sent to the kernel extension. It also perform signature verification (not really trusting the user app) and parses the XML for feature codes. Each feature code is processed and the corresponding feature is enabled inside of the kernel. A confirmation is sent back to the user app, and then things start working.

Copyright 2004-2006 Symphonic Systems, Inc. <[email protected]>. All Rights Reserved.