In the Tech-Preview phase, we do not yet provide a full installer, as it is not yet meant to be run 24/7. When you download the installer package, there is a small script that will start the daemon, user interface and notification bar agent, if available.
Please a keep a close eye on the console output of the daemon, as it will show you what it is doing and if there are any problems.
The two things you should know about Portmaster when testing the software are:
There are three security levels
Regular mode - provides additional security measures to protect your privacy, but will also try to not be in your way to help you stay focused. Use this mode in trusted networks.
Heightend security measures - to keep you safe in untrusted environments. It is automatically activated if you enter an unknown network, like a café’s Wi-Fi, or if an attack is detected. Use this mode when you do not trust a network, or are temporarily in need of more security.
All protective mechanisms available are activated. This will most likely cut off at least some applications from the Internet, but provides best protection technically possible. Use this mode if you think you are currently being attacked, like having clicked on a possible virus.
These Levels also influence which other features are activated. Check out the settings tab in the UI to see (planned) features are set in which security levels they should be active!
Application Profiles are how you can control which application is allowed to connect to the Internet and how. Applications are matched by their installation path - be sure to have to path to the binary right to have a Profile applied (you can check the logs or the monitor tab in the UI).
All of the properties are explained where they are appear on settings page (press the small i icon), so only the most important parts are covered here:
ServiceFlag needs to be set in order to allow listening at all.
Flags are an easy way to require or constraint to an application to a certain behavior.
Because it is infeasible to have a separate Application Profile for every program you directly or indirectly use, you can also define a Profile for whole folders. These Profiles are called
Default Profiles and are matched on a path prefix basis instead of an exact match basis.
When starting the Tech-Preview version for the first time, the UI should open automatically. There you can change settings, view and edit application profiles and monitor current connections.
There is already the option to have Portmaster check TLS validity of connections, but this module is not currently part of the Tech-Preview as it is not a core feature and needs more time for refinement. If you want to check it out, you can easily compile a version with it included by using an empty import
_ "githu... on the Golang package in the main Golang file.