How to use socketfilterfw to add trusted applications to the firewall?
Hello,
I am trying to add trusted sites to Mac OS X's firewall via command-line. I understand that previously, we were able to use ipfw to configure the firewall on a packet level by using port numbers or IPs. In Leopard (10.5) and on, there is a new feature to add a trusted application to a list. This can be accomplished using the UI:
+System Preferences > Security > Firewall+
As well as using the command-line: socketfilterfw
%sudo /usr/libexec/ApplicationFirewall/socketfilterfw -t "<binary path of application>"
However, I am having problems when I execute the above command, the utility "hangs" and doesn't seem to do anything. This is the output I would receive, and then does nothing:
kyue:/usr/libexec/ApplicationFirewall> sudo ./socketfilterfw -t <my binary path>
adding ~/<my binary path> to the list of trusted applications
GetSignException: creator ‘BNUp’
GetSignException: creator ‘BNu2′
GetSignException: creator ‘SWar’
GetSignException: creator ‘StCm’
GetSignException: creator ‘Dbl2′
GetSignException: creator ‘PJ03′
GetSignException: creator ‘PJ07′
GetSignException: creator ‘FP98′
There was great guidance from this article:
http://krypted.com/mac-os-x/command-line-alf-on-mac-os-x/comment-page-1/#comment -547
I've also read a two related posts here in the Apple Discussion Forum, but it's still a mystery...
http://discussions.apple.com/thread.jspa?messageID=9931275�
http://discussions.apple.com/thread.jspa?messageID=8118951�
Just wondering if anyone here may know why it doesn't seem to be working.
Kat
I am trying to add trusted sites to Mac OS X's firewall via command-line. I understand that previously, we were able to use ipfw to configure the firewall on a packet level by using port numbers or IPs. In Leopard (10.5) and on, there is a new feature to add a trusted application to a list. This can be accomplished using the UI:
+System Preferences > Security > Firewall+
As well as using the command-line: socketfilterfw
%sudo /usr/libexec/ApplicationFirewall/socketfilterfw -t "<binary path of application>"
However, I am having problems when I execute the above command, the utility "hangs" and doesn't seem to do anything. This is the output I would receive, and then does nothing:
kyue:/usr/libexec/ApplicationFirewall> sudo ./socketfilterfw -t <my binary path>
adding ~/<my binary path> to the list of trusted applications
GetSignException: creator ‘BNUp’
GetSignException: creator ‘BNu2′
GetSignException: creator ‘SWar’
GetSignException: creator ‘StCm’
GetSignException: creator ‘Dbl2′
GetSignException: creator ‘PJ03′
GetSignException: creator ‘PJ07′
GetSignException: creator ‘FP98′
There was great guidance from this article:
http://krypted.com/mac-os-x/command-line-alf-on-mac-os-x/comment-page-1/#comment -547
I've also read a two related posts here in the Apple Discussion Forum, but it's still a mystery...
http://discussions.apple.com/thread.jspa?messageID=9931275�
http://discussions.apple.com/thread.jspa?messageID=8118951�
Just wondering if anyone here may know why it doesn't seem to be working.
Kat
iMac, MacMini, iPhone, Mac OS X (10.5.8)
