107043 Views Previous 1 2 3 4 … Next 90 Replies Latest reply: Aug 19, 2010 7:19 AM by Jay Bullock Go to original post
That obviously makes sense and is an easy fix, but how do you get mac hidden files to show up in the list so you can select them. Even when I have hidden files showing up in the finder they will not show up in the firewall system preference list so I can choose them. nbmlookup showed up for me on its own and when I click "reveal in finder" it brings it up in a separate window and shows it even though it is hidden, but I cannot get there to add new ones. I also tried dragging it from the finder but that did not work. Thanks for your help.
Okay, Wendy so I was in totally the same boat as you, with no idea how to do this. After playing around though this is how:
1. Download Main Menu (http://www.santasw.com/)
2. Install and then it puts an icon in your menu bar. Click it, highlight finder (in the menu) and then click show invisibles. Finder will restart.
3. Clear the deksotop and open finder. Go to Machintosh HD (they'll be lots of folders, including the crucial usr folder).
5. Open system preferences, go the firewall section.
6. Click the add button and then in the finder window that you opened drag the usr folder onto the window (see this image: http://img122.imageshack.us/img122/9158/howtoue6.jpg)
7. Then naviagate to /usr/sbin/mDNSResponder and you can select it. This can also be repeated for configd (it was giving me problems).
8. Voila, problem solved.
I seem to be having the same issue as everyone else in particular just like dhowell626 I have just got my computer back from repair in the UK. The repair was to replace the entire outer casing (ie should not have impacted any software but I know they ran various diagnostic tests for good measure - they said 5 hours of tests).
When I switched on my MacBook Pro in the shop to check everything was OK I immediately started getting exactly the same symptoms: windows asking whether I wanted to allow or deny connection by configd and mDNSResponder, failure to connect to network with self assigned IP address, a new program called nmdb showing on the allowed list on my firewall. I had never experienced any of these problems before. Inspecting the log at the time when internet access was blocked shows that both configd and mDNSResponder were blocked at the same time as I was unable to get online. There does seem to be a strong connection here.
The Genius at the Mac store at first tried to deny it could be anything to do with what they have done as it was just a hardware job. He then suggested I just turn off the firewall saying "it's not that vulnerable if you allow all incoming network communications". This is definitely NOT my understanding and any quick research online will show the perils of switching off firewalls and I pointed this out. The Genius has agreed to take the machine back in again to replace the casing again (the new one was warped) and also to fix this problem. He thought a reinstallation of some part of the system would be needed to fix this problem.
In the meantime I have tried out the solution suggested by Heinrich with specific details supplied by lstnmysphr in this thread. Thank you very much for these suggestions; I could follow them and they seem to be working and this has enabled me to have the firewall up but specifically allowing config and mDNSResponder. I must say I am still unhappy about this. If nothing else, I did not need to do this before my Mac was taken in for repair and I am worried maybe other things have gone wrong as yet undiscovered. I shall therefore still be asking the Apple store to effect a proper repair of this issue that aparently was (most likely inadvertently) caused during their repair work.
Incidentally, the potential solution suggested by Simon69 did not match my symptoms. com.apple.kerberos.kdc and com.apple.systemdefault were both in my keychain.
I note in http://docs.info.apple.com/article.html?artnum=306938 where Mac describe the updated firewall, they describe configd, mDNSResponder and a third service called racoon as being the only 3 "essential services" that continue to be permitted even under firewall option 2 ("Allow only essential services"). It suggests there is some glitch in the special permissions given to these services by the firewall, triggered maybe by battery resets, system time resets, or something else that happens when Macs are repaired and their casings are interfered with/replaced:
+2. Allow only essential services:+
+This is the most conservative mode. Mac OS X will block all connections except a limited list of services essential to the operation of your computer.+
+The system services that are still allowed to receive incoming connections are:+
+configd, which implements DHCP and other network configuration services+
+mDNSResponder, which implements Bonjour+
+racoon, which implements IPSec+
Given the very high number of visits to this thread (albeit limited posts there are nearly 2,000 viewings already) I suspect lots of people are having this problem. It seems to be relatively recent and may be connected to the updates to Leopard that modified the firewall, or at least the descriptions of the firewall options.
It would therefore be great to see Apple address this issue, give us some clarification and potentially release a bug fix. For those of us who have applied these patches, please let us know whether we've done the right thing and/or should take any further action.
[This issue also seems to be connected to a posting in the Mac OS » Mac OS X v10.5 Leopard » Getting Online and Networking forum Re: Self Assigning IP Issue although I do not think that thread adds much additional to the discussion in this thread. One common theme may be around resetting system dates. Replacing batteries evidently does this and it's possible certain repairs or diagnostics done by Apple repairers may do something similar too.]
I'm glad my tips have been able to get you up and functioning again. Did you find you only got the prompts following a waking from sleep? This was my main problem (although occasionally I did get these messages at startup - though not everytime) If so:
Among the latest improvements is a fix for an issues that prevented some Mac systems from properly rejoining an AirPort wireless network after awaking from sleep.
I guess we'll see what 10.5.3 brings, but yes, clearly there is a problem in 10.5 that Apple needs to address and we'll have to wait until .3 to know if they have sorted it. The workaround I posted is a lot of hassle (although it appears a onetime fix). Nonetheless, something we shouldn't have to do. Fingers crossed it is fixed for I'm sure there are numerous people out there that haven't found this (or any other fix) to their problems and are using their firewall in a way they find less than satisfactory.
Interestingly I was getting these issues when booting up from a shutdown system, ie it was not connected to waking from sleep.
Also, I first noticed this problem when connecting with AirPort but yesterday (before applying the fix) I found I was also getting the same symptoms when connecting with a wired ethernet line. I am not sure if anyone else with this issue has tried connecting through an ethernet cable but I suspect it is not an AirPort problem. I am therefore not sure whether 10.5.3 will address this.
Interestingly I'd not really ever noticed these problems on a LAN network, until today.
I have found that with my fix applied when I connect to the network I can only see windows "workgroups" in the Shared (network) folder.
If I turn the firewall off (allow all incoming connections) I can see the individual apple computers on the network. Possibly a bonjour problem?
I have looked and compared activity monitor when firewall is off and when I choose my fixed firewall and the processes seem to be exactly the same.
Lots of photos have been taken and documents collected. I'm going to try take this in to Apple this week (if I can get a genius appointment) and have them take a look (though I'm sure they'll not be able to do anything).
I'm still keeping my fingers crossed for a fix in 10.5.3 but now I'm unsure this will help.
make a soft link in one of your accessible folder by running the follow command in the terminal (assuming you cd into the right directory)
# ln -s /usr/ usr
the file browser in the firewall setting will now be able to see the link. You can remove the link once you added configd and mDNSResponder to the list.
That's odd, even though I added configd and mDNSResponder to my firewall list, I am still prompted to accept incoming connections for them after rebooting.
Also, I am informed that my computer name is already in use, and it is automatically renamed (a number is appended). This happens on each boot. Eventually I can connect to my AirPort router.
In my case, all these problems started happening after the logic board was replaced in my MacBook Pro.
Unfortunately, just like Krakatos, even having successfully added configd and mDNSResponder to my firewall's allowed list, I am still asked whether I want to allow incoming connections for them on rebooting. I am also being told that my computer name is already in use right after allowing these, and it is automatically renamed with a number being appended.
I am trying to get my local Mac store to fix this, hopefully this weekend. Will let you know if I have any success.
I had a similar problem, with configd (and hence, DHCP and all networking) not working unless the firewall was set to allow all incoming connections.
Reconfiguring the kerberos certificates as specified in http://support.apple.com/kb/TS1245 solved it.
The above post by Michael St.
"I had a similar problem, with configd (and hence, DHCP and all networking) not working unless the firewall was set to allow all incoming connections.
Reconfiguring the kerberos certificates as specified in http://support.apple.com/kb/TS1245 solved it."
May well provide an answer.
Alternatively navigate to:
Macintosh HD -> Library -> Preferences -> System configuration.
Here drag a copy of "com.apple.network.identification.plist" and "com.apple.smb.server.plist" to the desktop and then delete the originals.
Restart your computer (your mac will make a new version of this file) and you may find your problem is fixed.
This was recommended to me by an instore Apple genius.
Same issues here.
My strongest hunch is that this has something to do with Microsoft Messnger 7.0. I never had this problem at all until I installed Messenger. Although I have trashed Messenger, maybe there are some related files I did not get. Any ideas if there are any related messenger files I could delete which would make this go away? Is it even possible that this is related to messenger?
I added configd and mdnsresponder to the list in the firewall tab of the Security pref pane and have it set to "allow incoming connections".
I also, as suggested by lstnmysphr, removed the com.apple* files.
Even though trying the two steps above, I still have the problem when either waking from sleep OR rebooting. My only workaround is to go into Firewall tab of Security pref pane and check "allow all incoming connections", close the pref pane, reopen the pref pane, then click on 'set access for specific services and applications".
I have not yet attempted reconfiguring the kerberos certificates.
Thanks for the help.
Confirmed - PMU reset did it!
This solution has a certain symmetry: the cause of my troubles has been that the battery power drained totally during sleep. I also thought some of the earlier file-based solutions work, but that may have been interferences with other attempts.
After the reset, I logged in first as an administrative user (not sure if that makes a difference), and got firewall-related dialog boxes for mDNSresponder and configd. Clicked "Allow", and that's it. The time got of course lost as well, but ntpd manages to fetch it, once the "Time and Date" Preference panel is opened.