OK, I'm not a total newbie at this, but I'm no guru either.
Am I smoking something, or should the last line in the ipfw rules definitely not be:
<pre>65535 allow ip from any to any</pre>
Doesn't that just allow everything not explicitly disallowed? If so, how do I get rid of that or change it to:
<pre>65535 deny ip from any to any</pre>
(since I already have all the other rules I need before it)?
This was no problem in 10.1.x since I just set up IPFW and the GUI had nothing to do with it, but now that there's the "Firewall" section in System Preferences, it's tough to change things.
If I just try doing a <pre>sudo ipfw delete 65535</pre>, I get:
<pre>ipfw: rule 65535: setsockopt(IP_FW_DEL): Invalid argument</pre>
Of course, I can't just add the rule over the top of itself:
<pre>sudo ipfw add 65535 deny ip from any to any</pre>
because it returns that same error. If I try to add it after the last default rule:
<pre>sudo ipfw add 65536 deny ip from any to any</pre>
it just reassigns the rule number to something lower.
Now, if I'm just being silly and there's no problem having that rule there, fine... but I do have one other question.
How the heck do I get ipfw running in 10.2 without Apple's "Firewall" preferences overriding my rules?
If I turn the firewall off in System Preferences, I can't add any rules... and if I go turn it on manually from terminal, System Preferences sees it on and overrides my rules (just dumps in only what you have checked there and deletes everything else).
I tried putting in a script to run at startup that flushes the rules and puts in the ones I want, but System Preferences is relentless and resets them then as well.
I can change the rule set manually every time, but as soon as you look at the Sharing pane of System Preferences they're gone again.
Ideas? Thanks!
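As an added example, not part of the original post: a POSIX sh script that loads an ipfw rule set whose own last rule is an explicit deny at 65534. Rule 65535 is ipfw's built-in default rule and cannot be deleted or replaced, which is why `delete 65535` and `add 65535` fail with EINVAL and `add 65536` gets renumbered. Because rules are evaluated in ascending order and the first match wins, a catch-all deny at any number below 65535 that sorts after your own rules means the default allow is never consulted. The rule numbers and the services allowed below are illustrative assumptions, and `IPFW=echo` gives a dry run that prints the commands instead of loading them.

```shell
#!/bin/sh
# Added example (not from the original post): a default-deny ipfw rule set.
# Rule 65535 is ipfw's fixed default and cannot be deleted or replaced, so
# the catch-all deny goes at 65534. Traffic that matches nothing earlier hits
# 65534 and is denied; the built-in "65535 allow ip from any to any" is never
# reached. Set IPFW=echo for a dry run that prints instead of loading.
IPFW=${IPFW:-ipfw}

# Rule numbers and allowed services are illustrative assumptions.
# Emit one "ipfw add" argument list per line, lowest number first.
build_rules() {
    cat <<'EOF'
100 allow ip from any to any via lo0
200 deny ip from any to 127.0.0.0/8
300 allow tcp from any to any established
400 allow tcp from any to me 22 in setup
500 allow udp from me to any out
600 allow udp from any 53 to me in
700 allow icmp from any to any icmptypes 0,3,8,11
65534 deny log ip from any to any
EOF
}

# Number of the last rule we emit; must be below the fixed default 65535.
last_rule_number() {
    build_rules | tail -n 1 | awk '{print $1}'
}

# Action of the last rule we emit; "deny" makes the set default-deny.
last_rule_action() {
    build_rules | tail -n 1 | awk '{print $2}'
}

# Flush, then load the rules in order. Under "set -e" a rule ipfw rejects
# (e.g. a syntax error) aborts the load instead of leaving a silent hole.
apply_rules() {
    "$IPFW" -q flush
    build_rules | while IFS= read -r rule; do
        # shellcheck disable=SC2086   # word-splitting of $rule is intended
        "$IPFW" -q add $rule
    done
}

# Usage: sh ipfw-rules.sh apply        (IPFW=echo sh ipfw-rules.sh apply for a dry run)
case "${1:-}" in
    apply) apply_rules; "$IPFW" list ;;
esac
```

Loading the set with `apply` and then running `ipfw list` should show the 65534 deny immediately before the untouchable 65535 allow; that is the expected, harmless shape of an ipfw default-deny set.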