OS X Server 5 (El Capitan 10.11 or Yosemite 10.10) has an adaptive firewall built in, or a firewall that controls incoming access based on clients attempting to abuse the server. The firewall automatically blocks incoming connections that it considers to be dangerous. For example, if a client attempts too many incorrect logins then a firewall rule restricts that user from attempting to communicate with the server for 15 minutes. If you’re troubleshooting and you accidentally tripped up one of these rules then it can be a bit frustrating. Which is why Apple gives us afctl, a tool that interacts with the adaptive firewall. The most basic task you can…
-
-
Mac Network Commands Cheat Sheet
After writing up the presentation for MacSysAdmin in Sweden, I decided to go ahead and throw these into a quick cheat sheet for anyone who’d like to have them all in one place. Good luck out there, and stay salty. Get an ip address for en0: ipconfig getifaddr en0 Same thing, but setting and echoing a variable: ip=`ipconfig getifaddr en0` ; echo $ip View the subnet mask of en0: ipconfig getoption en0 subnet_mask View the dns server for en0: ipconfig getoption en0 domain_name_server Get information about how en0 got its dhcp on: ipconfig getpacket en1 View some network info: ifconfig en0 Set en0 to have an ip address of 10.10.10.10…
-
The OS X Application Layer Firewall Part 3: Lion
In a couple of previous articles I looked at automating the Application Layer Firewall in OS X. These are pretty common articles that get back-linked to the site, so I decided to update them earlier, rather than later, in the Lion release. The tools to automate firewall events from the command line are still stored in /usr/libexec/ApplicationFirewall. And you will still use socketfilterfw there for much of the heavy lifting. However, now there are much more helpful and functional options in socketfilterfw that will allow you to more easily script the firewall. Some tricks I’ve picked up with alf scripting: Configure the firewall fully before turning it on (especially if…
-
Command Line ALF Redux
Note: I had previously written this article for Mac OS X 10.5 but have put in a few updates and so thought it might be time to repost it. Mac OS X 10.5 and Mac OS X 10.6 have a multitude of ways to keep data from coming or going from a system. The traditional way is to use ipfw, although this isn’t the default way in 10.5 and above. Instead, you are meant to use the Application Layer Firewall (we’ll call it ALF for short), which is what you configure from the Security System Preference pane. You can enable the firewall simply enough by using the defaults command to…
-
How to Get Hax0r'd
-
Command Line ALF on Mac OS X
Mac OS X 10.5 and Mac OS X 10.6 have a multitude of ways to keep data from coming or going from a system. The traditional way is to use ipfw, although this isn’t the default way in 10.5 and above. Instead, you are meant to use the Application Layer Firewall (we’ll call it ALF for short), which is what you configure from the Security System Preference pane. You can enable the firewall simply enough by using the defaults command to augment the /Library/Preferences/com.apple.alf.plist file, setting the globalstate key to an integer of 1: defaults write /Library/Preferences/com.apple.alf globalstate -int 1 You can also configure the firewall from the command line.…