Firewalls for X?
- Thread starter Hydroglow
- Start date
scruffy
Notorious Olive Counter
The system prefs firewall rules interface is pretty dreadful.
If you look at the rules that are set (ipfw list), it doesn't even specify IP protocols - for example if you let in http requests, it allows everything to port 80, even UDP. In the interface, all you can do is state a port or range of ports to allow - no protocols, no source address or interface limits, no stateful filtering, no outgoing connection filtering - these are all features of ipfirewall, system prefs just doesn't let you get at them
You'd probably be better off just to learn the semantics of the ipfw command, and right a startup script to run at boot.
kmyfirewall could be a front end to a number of firewalls. If it's meant for Linux, then it would be for ipchains or iptables (the Linux kernel firewalls); if it's for BSD, it could be for ipfirewall (the one OS X uses) or pf (the OpenBSD kernel firewall, I think)
If you look at the rules that are set (ipfw list), it doesn't even specify IP protocols - for example if you let in http requests, it allows everything to port 80, even UDP. In the interface, all you can do is state a port or range of ports to allow - no protocols, no source address or interface limits, no stateful filtering, no outgoing connection filtering - these are all features of ipfirewall, system prefs just doesn't let you get at them
You'd probably be better off just to learn the semantics of the ipfw command, and right a startup script to run at boot.
kmyfirewall could be a front end to a number of firewalls. If it's meant for Linux, then it would be for ipchains or iptables (the Linux kernel firewalls); if it's for BSD, it could be for ipfirewall (the one OS X uses) or pf (the OpenBSD kernel firewall, I think)