PF firewall equivalent of IP tables command?

330 Views 0 Replies Latest reply: Feb 6, 2013 1:05 AM by zzTontozz
zzTontozz Level 1 (0 points)
Feb 6, 2013 1:05 AM

I have configured apache in the httpd.conf file to work with user 'apachez' group 'groupz'. The 'apachez' user is a member of group 'groupz' on the Mountain Lion Server.

To block outbound requests by the apache user, to stop miscreants from bad behavior RE wget/scripts from external sites, in the iptables firewall you would do something like:

iptables -A OUTPUT -m owner --uid-owner apachez -p tcp --dport 80 -j DROP
iptables -A OUTPUT -m owner --uid-owner apachez -p tcp --dport 443 -j DROP

However, I need to do this in the PF (packet filter) firewall because that is what Mountain Lion Server uses.

Could someone please advise how to do the terminal command line(s) equivalent of the above for the PF firewall?

Regards.

Mac mini, OS X Server
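
An added example, not part of the original post: one way to express the two iptables owner rules above in pf.conf syntax, using PF's `user` filter option. It assumes the PF build on the server honours `user` as documented in pf.conf(5); the macro name `web_ports` and the ruleset path in the comments are placeholders.

```pf
# Added example, not from the original post.
# Assumption: this PF build supports the "user" filter option (pf.conf(5)).
# "apachez" is the account named in the post; web_ports is a hypothetical macro name.

web_ports = "{ 80, 443 }"

# Counterpart of:
#   iptables -A OUTPUT -m owner --uid-owner apachez -p tcp --dport 80  -j DROP
#   iptables -A OUTPUT -m owner --uid-owner apachez -p tcp --dport 443 -j DROP
#
# block drop : discard silently, like -j DROP (no RST sent back)
# out        : outbound traffic only, like the OUTPUT chain
# log        : record matches on pflog0 so blocked attempts are visible
# quick      : stop rule evaluation at this rule; PF is otherwise last-match
# user       : match on the owner of the socket (TCP and UDP only)
block drop out log quick proto tcp from any to any port $web_ports user apachez

# The socket owner is recorded when the socket is created, so the rule
# matches connections opened by processes already running as apachez.
#
# Add the rule to the ruleset PF already loads rather than loading it alone,
# because pfctl -f replaces the main ruleset with the file's contents.
#
# Syntax check only, nothing loaded:   pfctl -nf <ruleset-file>
# Load the ruleset and enable PF:      pfctl -f <ruleset-file> && pfctl -e
# Confirm the rule is present:         pfctl -sr
# Watch blocked attempts:              tcpdump -n -e -ttt -i pflog0
```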
