ONJava.com -- The Independent Source for Enterprise Java
Article:   Exploring the Mac OS X Firewall
Subject:   Adding firewall rules for NAT + question...
Date:   2005-04-06 11:13:06
From:   efixler
Thanks for this great article! I use my 10.3 (client) box as a DHCP/NAT gateway, and was looking for a way to add rules that would let clients on the internal networks communicate with the outside world freely, without me having to open ports in the internal firewall. I modified your startup script like so:

StartService () {
...
/sbin/ipfw add 3000 allow ip from 192.168.0.0/24 to any in
/sbin/ipfw add 3010 allow ip from 10.0.2.0/24 to any in
fi
}


StopService ()
{
ConsoleMessage "Stopping Additional Firewall Rules"
/sbin/ipfw delete 3000
/sbin/ipfw delete 3010
}


When I run these rules, everything seems to work as intended. However, when the rules are in effect, System Preferences will no longer let me edit the built-in Firewall settings panel, as it can detect that 'other firewall software' is in use.


Anyone have any idea how it detects this? I'd like to circumvent this detection (so that I can edit the general rules while the internal network rules remain in effect).


thanks!
eric
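
The two rules in the post above match on source address alone, so they accept inbound packets carrying those source addresses on any interface, not only the internal one. The following is an added example, not code from the post or the article: it audits `ipfw list`-style output for inbound allow rules that name a source range but no interface. The sample ruleset is constructed, and rule 3020 with interface `en1` is a hypothetical interface-bound variant (en1 assumed to be the internal interface).

```shell
#!/bin/sh
# Added example: flag inbound allow rules that trust a source range without
# saying which interface the packet must arrive on.

# Constructed sample in `ipfw list` format (not captured from a real machine).
# 3000 and 3010 are the rules from the post; 3020 is a hypothetical variant
# bound to en1, assumed here to be the internal interface.
sample_rules() {
cat <<'EOF'
02000 allow ip from any to any via lo*
03000 allow ip from 192.168.0.0/24 to any in
03010 allow ip from 10.0.2.0/24 to any in
03020 allow ip from 192.168.0.0/24 to any in recv en1
65535 allow ip from any to any
EOF
}

# Read rules on stdin and print the numbers of allow rules that are inbound,
# have a specific (non-"any") source, and carry no via/recv qualifier.
unbound_inbound_allows() {
    awk '
        $2 == "allow" {
            src = ""; inbound = 0; bound = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "from") src = $(i + 1)
                if ($i == "in") inbound = 1
                if ($i == "via" || $i == "recv") bound = 1
            }
            if (inbound && !bound && src != "any") print $1
        }'
}

# Run against the constructed sample; on a live system the input would be
# the output of `ipfw list` instead.
sample_rules | unbound_inbound_allows
```

Rules it reports are candidates for an interface qualifier, so that the source range is only trusted on the interface the internal network is attached to.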


1 to 2 of 2
  1. Adding firewall rules for NAT + question...
    2007-07-16 07:42:09  variac

  2. Adding firewall rules for NAT + question...
    2007-07-16 07:41:54  variac