Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Adding firewall rules at runtime...

On Thursday, July 31, 2003, at 09:32 AM, Huyler, Christopher M wrote:

What would be the best way to alter the firewall config file from a C/C++ program?

Read the plist in, alter it, write it out.

Does the ipfw kernel extension send a signal whenever its table is flushed?

I don't think so. I think the kext is a totally passive player in this regard.

I think -- and this is unverified -- the System Prefs sharing panel code sets rules according to the file /Library/Preferences/com.apple.sharing.firewall.plist. If that's the case, you need to alter the plist to make your changes "stick." The change you are seeing when file sharing is started up is to add a rule passing file sharing traffic.

I could be wrong. It certainly wouldn't be the first time. There may be other mechanisms, but I know nothing of them.
---
Creed Erickson <email@hidden>
"Not a shred of evidence exists in favor of the idea that life is serious."
- Brendan Gill
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.
References: 
 >RE: Adding firewall rules at runtime... (From: "Huyler, Christopher M" <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.