• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Firewall settings
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Firewall settings

  • Subject: Re: Firewall settings
  • From: "Peter Sichel" <email@hidden>
  • Date: Wed, 25 May 2005 16:43:26 -0400
On 5/25/05, Mike Morton wrote:

>Getting firewall settings isn't hard, if you're willing to gamble that
>Apple doesn't change file formats. See
>/Library/Preferences/com.apple.sharing.firewall.plist. (The format
>changed between 10.3 and 10.4, since 10.4 distinguishes UDP ports.)

Notice this isn't guaranteed to work for 3rd party firewalls, but some
of Apple's iApps do it anyway.

>I don't know a good way to add or change the settings.

The current mechanism used by some applications is to modify the ipfw
settings directly, but this is a free for all with no guarantee of
compatibility.

Alan Oppenheimer <email@hidden> is trying to pull together an
informal session on firewall related issues at WWDC next month.

From my perspective, what's needed is something along the lines of the
old Internet Config System for firewall settings within the System
Configuration Framework.  Apple and some 3rd party firewall vendors need
to agree on some common dictionary keys to describe what ports are
blocked, or request that specific services be made available.  Firewall
developers would then modify their applications to receive a callback
when a firewall key is changed and confirm whether the requested
configuration was accepted.  Changing firewall keys would require root
privileges to address the security issue.

3rd party applications would then be able to examine and/or request
changing a consistent model of the current firewall state.  More
importantly, Apple's firewall User Interface (Sharing Preferences Panel)
could be used as a least common denominator to examine or configure any
compatible network firewall or related 3rd party application providing a
consistent user experience.

- Peter Sichel
  Sustainable Softworks
  <http://www.sustworks.com>


 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >Firewall settings (From: Mark Thomas <email@hidden>)
 >Re: Firewall settings (From: Mike Morton <email@hidden>)

  • Prev by Date: Re: Firewall settings
  • Next by Date: CFSocketSignature & IPv6 addresses
  • Previous by thread: Re: Firewall settings
  • Next by thread: CFSocketSignature & IPv6 addresses
  • Index(es):
    • Date
    • Thread