10 Replies Latest reply: Dec 11, 2007 2:13 PM by direwolf8
re_vexxed Level 1 Level 1 (15 points)
How does one port forward in leopard?Or set up fire wall rules for certain port numbers?
Thnaks

Mac OS X (10.5)
  • 1. Re: port forward
    tsvisser Level 3 Level 3 (755 points)
    port forwarding, unless you are using your computer as a router / NAT point (unlikely), is specifically something that you do in your router. In the firewall settings, you would add exceptions for applications or services that you want to open up to allow access through the firewall.

    if you can be more specific, with respect to your router model and what service you are trying to forward, perhaps myself or someone else here can give you a hand?
  • 2. Re: port forward
    re_vexxed Level 1 Level 1 (15 points)
    Thanks for the reply

    I need to access a work application via port 10234

    In tiger i set this up via the network>>firewall and created a custom entry called work.

    Then on my airport export i placed a port forward for all wan traffic on port 10234 to be routed to my lan ip address. It appears this feature is gone and has been replaced by an application firewall or am i looking in the incorrect place?
  • 3. Re: port forward
    tsvisser Level 3 Level 3 (755 points)
    yes, seems like there were some drastic changes made here... looks like an "application" based firewall.... under Security > Firewall tab...

    looks like you can set "Set access for specific services and application" and then, if the service that you need is pointing at a local application installed on your machine, then you may add that app as an authorized breach through the wall.... but this does seem to have lost a gross amount of control compared to Tiger.

    if you are not running a local app, but need to share a file via some other method, then you may be able to look at the share settings, perhaps changing public / private port arbitration to make it work?
  • 4. Re: port forward
    Wes Adams Level 1 Level 1 (15 points)
    I am having the same problems. I want to open certain ports for certain programs and I haven't found how to do this in Leopard. Tiger was easy. I have tried to give these apps the right of way in the Security/Firewall preference pane but it doesn't seem to help.
  • 5. Re: port forward
    re_vexxed Level 1 Level 1 (15 points)
    tiger fw was great, so why change it for the sake of change.
  • 6. Re: port forward
    Jp Cooper Level 1 Level 1 (35 points)
    I too came across this for the first time today_

    All the way thru Tiger we were able to specify a Port Number for anything we wanted via the Sharing Prefs under the Firewall Tab_

    A litttle skimming around today showed they'd moved the functionality to what used to be the FileVault Icon (now SECURITY) and they've done what Apple does best <insert sarcasm> - dummied things down even more for a basic user and left anyone with half a brain out twisting_ I assume thru Admin Tools we'd regain much control but removing the ability to set this up manually all together seems extreme since some ISPs out there like to play their favorite game of "Let's Block Random Port Numbers - unless the customer pays extra"_

    Way to Go Apple_

    Or are we missing something hidden in the 300+ "new" features of Leopard?
  • 7. Re: port forward
    Jp Cooper Level 1 Level 1 (35 points)
    http://docs.info.apple.com/article.html?artnum=306938

    Here it is boys and girls !

    The "official" answer from the horse's mouth_

    The watered it down so the basic user can feel like they have better control over their security_ Terminal function is still available thru 'ipfw' -- but otherwise it is now Application Specific and NOT Port Specific_

    Completely stupid on Apple's part - once again NOT giving the end user a choice or the option for which they prefer_
  • 8. Re: port forward
    William Neyman Level 1 Level 1 (0 points)
    I'm doing port forwarding in my AirPort Extreme Base Station. If your router isn't an option and you must fiddle with the built-in firewall, a third party utility is the best bet. Look to sunShield Pro for granular firewall control <www.sunprotectingfactory.com>. It's a GUI to manage Apple's IPFW2 firewall directly and bypass the application firewall interface. By the way, you can still manage the firewall from the command line, if you want to mess with ipfw commands.
  • 9. Re: port forward
    William Neyman Level 1 Level 1 (0 points)
    If you're using a particular application to communicate with your office, you should be able to set this up fairly easily. Port forwarding in the router will be exactly the same as before. On the Mac side you should set the Security/Firewall preference pane to "Set access for specific services and applications" and add the application that needs to cross the firewall to the list, setting it to "allow incoming connections." This should dynamically enable whatever port connection is requested by your "work" application.
  • 10. Re: port forward
    direwolf8 Level 4 Level 4 (1,280 points)
    That's not really true. There's no GUI for Dummies anymore, but with the command line
    ipfw commands or configuration files, you can still have port specific settings. The
    functionality is all there.

    It wouldn't be hard for a third party to write a GUI for ipfw. The configuration is plain
    text and well documented.