Tuesday 17 January 2012

OSX application firewall not working: FIXED

Recently I encountered a problem with the OSX Application Firewall getting confused on Lion (and maybe even on Snow Leopard) - it basically blocks services (e.g. ssh) even when they appear to be set up with 'allow incoming connections' in the Advanced... section of the Firewall, under Security and Privacy, in System Preferences.

I managed to reset mine by doing the following (with the firewall off):
sudo rm /Library/Preferences/com.apple.alf.plist
Then reboot.

When the machine has rebooted, the Firewall advanced settings should show only the system services that were already enabled (e.g. SSH). Any other entries will have gone, but when you start network-based applications that need to accept incoming connections through the OSX firewall, you will be asked again whether you want to permit the application or not.

If for some reason the Advanced firewall settings have not changed, then ensure the firewall was off when you removed the file. You could also try killing the process named 'writeconfig' (which actually opens that config file) - however, you should reboot soon afterwards as there may be unexpected consequences.
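The reset above, written as a shell function that refuses to delete the file while the firewall is on and keeps a copy of it first. This is an added example, not part of the original post: it assumes the firewall state is the `globalstate` key of that plist (0 = off) as read by the `defaults` tool, and the names `alf_state`, `reset_alf` and the backup directory are made up for illustration.

```shell
#!/bin/sh
# Added example: back up and remove the Application Firewall preferences.
# Usage (as root, then reboot):
#   reset_alf /Library/Preferences/com.apple.alf.plist /var/root/alf-backup

# Print the firewall's global state for the given plist (assumed: 0 = off).
# `defaults` takes the preference domain, i.e. the path without ".plist".
alf_state() {
    defaults read "${1%.plist}" globalstate 2>/dev/null
}

# reset_alf PLIST BACKUP_DIR
# Prints the path of the backup on success; returns non-zero and leaves
# the plist untouched on any failure.
reset_alf() {
    plist=$1
    backup_dir=$2

    [ -f "$plist" ] || { echo "no such file: $plist" >&2; return 2; }

    # The post's precondition: the firewall must be off before the file goes.
    state=$(alf_state "$plist") || { echo "cannot read firewall state" >&2; return 3; }
    [ "$state" = "0" ] || {
        echo "firewall is on (globalstate=$state); turn it off first" >&2
        return 4
    }

    # Keep a timestamped copy so the old application rules can be inspected
    # or restored later.
    mkdir -p "$backup_dir" || return 5
    backup="$backup_dir/com.apple.alf.plist.$(date +%Y%m%d%H%M%S)"
    cp -p "$plist" "$backup" || return 5
    cmp -s "$plist" "$backup" || { echo "backup differs from original" >&2; return 5; }

    rm "$plist" || return 6
    echo "$backup"
}
```

To restore the previous rules, turn the firewall off, copy the backup back to `/Library/Preferences/com.apple.alf.plist` and reboot.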

For more info on Apple's Application Firewall see here. Also note that Apple's application firewall is different to the old BSD/Dummynet ipfw firewall, which may be controlled via the ipfw command (see the man page - e.g. man ipfw). ipfw provides lower-level firewalling and can provide for more general network restrictions and control.