Groups

Groups are addresses containers. Vallum by default includes some predefined groups. You can create as many custom groups as you need. Each group must have a unique name. All groups can be deleted or edited.

Select Libraries -> Groups to displays Vallum Groups view.
This view lists all current Vallum Groups. Select a Group to display its content. Groups contain:

- IPv4 and IPv6 IP addresses
- IPv4 and IPv6 CIDR network addresses
- hostnames
- domain wildcards

Domain wildcards are usually expressed in this form:
*.apple.com
Please note that a Vallum domain wildcard is not a string wildcard. This means that *.apple.com and *apple.com are equivalent.

Example *.apple.com:
In both cases these hostnames will be matched:
apple.com,
ftp.eu.apple.com,
www.apple.com
And these hostnames will NOT be matched:
www.xapple.com,
www.eu-apple.com

Edit Groups

Select a group from the list to display its content and controls on the bottom-right. Select one or more addresses and click '-' to delete them. To add an address enter the value then press '+'. Alternatively you can use the contextual menu to copy/paste addresses between groups or from/to text views.

How to use groups
Groups can be used as target in outbound rules or as source and/or target in inbound rules. Please note that hostnames and domain wildcards are always ignored in inbound connections. So while you can use groups in inbound rules, all group hostnames and domains will be ignored by inbound rules.

For example if you want to allow inbound connections to a local service from computers on the local network you can create a rule using "local-nets" group as source.

Groups can be useful in outbound rules too.
For example, a typical Vallum usage will result in a lot of Safari rules where connections are matched by hostname or domain wildcard.
Using Groups you can optimize your ruleset reducing the number of rules:

1) create a group for permitted addresses and add at least one address
2) add a new Safari rule to pass all Safari connections to the group you just created
3) select all Safari 'pass' rules using a domain or hostname as target, right-click and select Copy Selected
Rules Target Addresses then click the '-' button to delete selected rules
4) select Libraries -> Groups -> Your group -> right click on its content -> Paste addresses

Local-nets group

This is a special group because it is used by Vallum for rules targeting the local network. For example if you answer a notification popup alert using the option "match all connections from local networks" the resulting rule will use the pre-defined "local-nets" group.
By default this group contains all possible local networks. You can edit this rule to include only the networks you need.