testing for firewall and modifying ports
testing for firewall and modifying ports
- Subject: testing for firewall and modifying ports
- From: Mike Morton <email@hidden>
- Date: Fri, 5 Nov 2004 10:33:21 -0500
Our application needs certain ports open in the firewall. Ideally, we'd like to check if the ports are open (if the firewall is up at all) and offer to open them if they're blocked.
Searching the archives of this list, these things don't look easy. I don't see any APIs for this stuff.
So what can one do?
Without being admin, you can examine the XMLin
/Library/Preferences/com.apple.sharing.firewall.plist. Of course if I do this I'll spend time in some inner circle of hell for depending on undocumented Apple data structures. Worse, if someone's using a third-party firewall, we're out in the cold.
(This might not be the worst thing in the world. If we can't read some future .plist, we can just assume the ports are blocked and tell the user to use the GUI. And anyone using a third-party firewall is savvy enough to feed it our list of ports.)
If we want the user to give us the admin password (which they'll often need to do later in our setup, anyway), we can run 'ipfw' and look at the output, or directly read kernel data structures. But... if someone's using a third-party firewall, are they sitting on top the ipfw world, or can a third-party system be something completely different from ipfw?
Instead of all this, can one test the firewall empirically if you have a willing host nearby? If you don't have a willing host?
Thanks in advance,
-- Mike
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden