• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: API to open the firewall?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: API to open the firewall?

  • Subject: Re: API to open the firewall?
  • From: Joshua Graessley <email@hidden>
  • Date: Fri, 10 Sep 2004 08:50:43 -0700
There is no API for doing this. There are ways to do this using ioctls
to configure the firewall, but this is error prone.

It is unlikely there will ever be a straightforward API for simply
opening up the ports. If the user enabled the firewall, it is usually
because they don't trust the software they're running, they were
influenced by marketing "firewall makes it safer", or they've been
reading about the miseries of another platform out there. At any rate,
if there was an API for opening ports (bypassing the firewall), it
would pretty much eliminate the functionality of the firewall.

I believe there is a bug filed about giving third parties a way to add
ports to the list in the firewall preferences pane. This is slightly
off topic for darwin-dev. There is a mac network programming list that
might be a better place. If you are an ADC member, DTS might also be
able to help.

There are better solutions, such as a system wide way of controlling
which users and which processes have permission to open sockets and
listen for inbound connections.

-josh

On Sep 9, 2004, at 11:28 PM, Braren, Arfst RD-PN34 wrote:

> Hi all,
> An client/server application is using some ports to talk http (630x
> and 5200x depends on whats available). When firewall is enabled the
> client can't talk with the server - the user has to modify the
> firewall preferences. - not so easy because we are using port ranges.
>
> Is there an API that allows an app to register ports at the firewall?
> Is there a known way for the Installer to do so?
>
> Thanks
> A.Braren
> _______________________________________________
> darwin-development mailing list | email@hidden
> Help/Unsubscribe/Archives:
> http://www.lists.apple.com/mailman/listinfo/darwin-development
> Do not post admin requests to the list. They will be ignored.

[demime 0.98b removed an attachment of type application/pkcs7-signature which had a name of smime.p7s]
_______________________________________________
darwin-development mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-development
Do not post admin requests to the list. They will be ignored.
References: 
 >API to open the firewall? (From: "Braren, Arfst RD-PN34" <email@hidden>)

  • Prev by Date: Using dead notification with mach ports
  • Next by Date: Re: Using dead notification with mach ports
  • Previous by thread: API to open the firewall?
  • Next by thread: Using dead notification with mach ports
  • Index(es):
    • Date
    • Thread