
Firewall - Configuration/GUI of the Mac OS X 10.6 / 10.7 Firewall

First I would like to thank Apple

for making the Mac OS X operating system.
And thank you for the Lion update coming soon.



We probably all are waiting to get the

Mac OS X 10.7 Lion update.



I have seen the full feature list of Lion:

http://www.apple.com/macosx/whats-new/features.html



All the great new innovations and apps are great stuff.

But I came to wonder about one thing though.

The internet apps like:

FaceTime, iCloud, iChat, AirDrop etc.

They more or less all require custom ports on different

protocols to be opened and configured.

Even the SIP for FaceTime has to be enabled etc.



Like the FaceTime Firewall ports here:

http://support.apple.com/kb/HT4245



In the full feature list page of Mac OS X Lion

there is not listed anything about the Mac OS X Lion Firewall!

In Snow Leopard we can't configure the Firewall with

custom ports and protocols etc.



Everybody refers to the Hanynet NoobProof and WaterRoof

firewall apps. I'm using the NoobProof myself right now.
http://www.hanynet.com

But I think the Mac OS X Snow Leopard and Lion could do with a

much better and way easier firewall GUI to be able to

configure ports and protocols and firewall rules and even NAT.



Isn't the Mac OS X about doing it the easy way!

I think a Firewall in Mac OS X with only an On and Off button (more or less)
won't cut it any longer!
For people not knowing about Firewall it's OK to have an On/Off button,
but for the user that knows about firewall, ports and protocols
it would be great to have a button to go in and be able to configure,
making rules and opening ports on specific protocols and doing NAT etc.



The Mac OS X Firewall GUI created by Bryan Hill called

"Brickhouse" and now called "Flying Buttress"

updated last in 2005!

(Which I could NOT get to work in Snow Leopard)

it had a very good and easy

to use Graphical User Interface. (GUI).

See it here:

http://www.securemac.com/firewallsecurityshareware.php



Why isn't there any like that for the present Mac OS X????





Anybody know anything that will help in that direction???
Anybody know a nicer firewall GUI or App for
Snow Leopard / Lion ???



Please comment here.







Best regards

Jesper

from Denmark.

Mac Pro Mid2010. 2x Xeon 2.4, Mac OS X (10.6.8), Nvidia Quadro 4000. 8 GB ram. OCZ 2,5" SSD's.

Posted on Jul 4, 2011 5:12 AM


Jul 4, 2011 5:24 AM in response to simweb

Nobody can say anything about Lion yet, other than what Apple has published. You'll need to wait with your concerns about Lion until it has actually been released.


As for alternate firewalls, sounds like you're already aware of the third-party front-ends for the ipfw firewall. So I'm not sure exactly what you're looking for. If you're worried that new network technologies in Lion will have a hard time getting through the built-in application firewall, I'm sure Apple has thought of that and has solutions.


BTW, why are you using a firewall, anyway? There's a good chance you don't actually need it, and are worrying about a non-issue. See Do I need a firewall?*.


* Disclaimer: links to my pages may give me compensation, and should not be taken as endorsement of my services by Apple.

Jul 4, 2011 1:38 PM in response to simweb

Thank you very much for responding to my thread Thomas and roam.


Whether it is a question to run a firewall on Mac OS X or not,

is not my question. And thank you, but I do know the difference between a

GUI for the Mac OS X built in firewall and a 3rd party stand alone firewall.

If I and probably many other Mac OS X users choose to run with a firewall,

many of us would like to be able to configure it as WE want it to be.

Many users have special needs that require special configuration of the firewall.
There are other things than Apple network technologies you know!



Running a firewall or not. There are pros and cons on both. It's a free choice, right. I respect both.
I have 8 CPU cores and 16 threads on my Mac Pro, so I think my Mac can handle a running firewall!
"Better safe, than sorry!" As they say "Over there".
;o)



Apple has chosen to make a firewall in

Mac OS X, then there must be a reason why it is there.



And besides that.

I would bet that, the more popular the

Mac computers get in the future and the more market share

the Mac computers get over the hopeless Windows platform.

The more hackers will be interested in hacking the Mac OS X.

So a firewall would be something to consider the more Apple has success.

I think that is quite logical.


I'm sure there are almost as many undiscovered security holes in UNIX

as there are on the Windows platform. It is just a question of time

before the hackers will point their weapons against the Mac OS X.


So let me explain a bit more precisely what I need…


I'm used to configuring lots of hardware Routers with Firewalls. Doing things like creating firewall rules, opening ports on specific protocols, WAN-to-LAN and LAN-to-WAN, NAT IP redirection, enabling SIP, content filtering, wireless access points with encryption and MAC Address filtering, creating VPN tunnels, setting up Remote Desktop on Windows and Mac computers for Terminal Servers etc.

I'm also administering FTP servers and NAS hard disks.

All that is always being configured in a nice intuitive user interface via my web browser. Whether it is a Router, NAS disk etc. THAT'S WHAT I WANT with the Firewall in Mac OS X. An "intuitive graphical user interface" where I easily can configure the Mac OS X firewall or a stand-alone firewall for that matter.



Yes, I myself use the Hanynet NoobProof firewall GUI on my Mac Pro right now.

But both the Hanynet firewall GUIs are crap. Let's face it!

They work yes! But the User Interface is NOT Mac OS X standard right!!!

If you pair the user interfaces with standard user interfaces of a normal end-user Gateway Router with Firewall. Like ZyXEL, NetGear etc.



The Hanynet NoobProof doesn't have the feature to

choose ports on specific protocols.

With Apple FaceTime there are ports on both the

TCP and UDP protocols that have to be open for communication.


On the other side the Hanynet WaterRoof GUI

I know that it has the features to configure ports on specific protocols but!

The User Interface is waaaaaaaay too complex and is anything else than intuitive!

I can't find either head or tail in WaterRoof GUI!!! Completely Lousy Interface. It is SO non Mac like!

(it needs an interface designer like myself)



I mean, "The Mac" and Mac OS X is all about doing things the "EASY, Nice and Intuitive Way" right!



It can't be that I'm the only one in the world that needs a better and faster configuration of the Mac OS X firewall, can it?! There must be hundreds of thousands of other Mac OS X users with the same wish.



I know I'm a "designer", not a "programmer".

The only thing I program is HTML, CSS and DVD Video titles.

So with all due respect.



*** The question is…

Does anybody know a Firewall GUI or stand-alone firewall for Mac OS X Snow Leopard/Lion that is easier than Hanynet's????????????????



=========


If I were an Apple employee that dealt with Mac OS X security.

I would make the Mac OS X firewall user interface different.

Top level choice could be: ON, OFF and CUSTOM.

So people with no knowledge of firewalls could just choose ON or OFF

to their liking. And leaving the choice for people that would like

to customize the firewall settings with the "Custom" button.

And thereafter a nice intuitive graphical user interface

to make all sorts of custom settings JUST like on a Gateway Router with built in firewall.

A firewall like that could not hurt anybody could it???!!!

It's MY Mac, I want to rule over MY firewall.

I like the Mac OS X very much, I think it is absolutely brilliant,

but the Firewall settings are NO GOOD for custom firewall configurations.

Apple has to pay attention to it, the sooner the better.



Please feel free to comment.





Best regards



Jesper

Denmark.

Jul 4, 2011 1:53 PM in response to simweb

Your verbose text seems to imply you think you are talking to Apple employees, here. In case that is a correct assumption, we are not Apple employees. For the most part, the only thing Apple monitors here is violations of the terms of use. We can't change how Apple operates, nor can we communicate with Apple Engineers.


If you think you have some useful feedback for Apple, please use the feedback channels for communicating with Apple as your "problem" is not solvable by us. The two most useful responses, (1. you don't need a firewall, and 2. use WaterRoof) you shot down.


Apple already had a GUI for configuring ipfw and disposed of it for a simpler Application-based firewall. The vast majority of users have zero need for a firewall, so it was simplified. However, they did leave ipfw fully functional for those that need more control.


As to your statement that Apple has a firewall, it must be necessary is really not a valid assumption. Thomas' link has an entire section dealing with that fallacy. When I flew in the Air Force, the jets I flew had an ejection seat. Since they installed it, they must have wanted me to use it, right? Well, in 20 years, I never did. It was installed in case I needed it in specific situations, not to be used daily. I knew a few people who found themselves in need of the seat, but the vast majority never needed it.

I'm sure there are people who need a firewall, but for the most part, very few need it. Apple kept it in there in case someone had a need for it, but not necessarily for everyone to use it all the time. If they thought you needed it on all the time, they would have configured it to be on all the time without you being able to turn it off.

Jul 5, 2011 2:59 PM in response to simweb

simweb wrote:


I might be able to get an ANSWER to my question from the real mac people!


I don't need lectures, I need a simple answer to MY SIMPLE QUESTION!


Thank you!


Simply put, Apple caters to the 90% of the consumer market that couldn't tell you the difference between an ipfw and a SCSI terminator.


So the more advanced users use software more configured to their needs.


Apple isn't going to do away with the Firewall it's too vital, and if they do, there will be a third party solution out in a week or two.


What Apple does is likely make it less accessible from the 90% of people who will only mess up their machines using it and have to handle the support calls resulting from it.


No need to worry or get mad. 😀

Jul 5, 2011 3:26 PM in response to ds store

Thank you ds store... (cool login name you have)


Well I think you are right. Even when I have a Mac "PRO" that I paid a million bucks for, I still can't
get to my firewall config. It's very sad.


Well it's not all true.
Hanynet GUIs do the job, so I don't understand why there aren't any other firewall GUIs out there for Snow Leopard. Hundreds of users are willing to pay for them. I'm sure.


Funny what you said,...
"The Firewall that could be configured and 90% of the Mac users would mess up their Mac...
ha ha ha ha ha ha!
You mean that it is not the geeks that have a Mac then! Well I'm a geek and I want to be in control.


About development for the Mac OS X Firewall GUI
I have an idea. There could be a "RESET Firewall to default" button!!!
and it could be a big red button that flashes!!
You know for the Dummies.

ha ha ha ha!
;o)
Sorry for my sarcasm. (Scandinavian humour).
;o)

I will use the opportunity again to call out to the Mac Geeks

Doesn't anybody know of 3rd party Mac OS X Snow Leopard Firewall GUIs or 3rd party stand-alone firewalls for the Mac OS X Snow Leopard?????? Other than the Hanynet's


I'm having a hard time getting the Mac people up off the chairs I guess!
Or it could be you are right ds store. 90 % of the Mac People are... well you know!!!
ha ha ha ha ha!
Let that be an open invitation to the Mac geeks!


Thanks for your positive post ds store.


LETS GEEK OUT!


Best regards
Jesper
Denmark

Jul 5, 2011 4:46 PM in response to simweb

simweb wrote:


When all you Point-Chasers are finished spamming my thread.

I might be able to get an ANSWER to my question from the real mac people!!!!!!!!!!

I don't need lectures, I need a simple answer to MY SIMPLE QUESTION!!!
Don't waste my time any more.

Here in Scandinavia time is money!

Thank you!

Well, you seem to be wasting a lot of it (both time and money) trying to find a way to configure something you don't need.

If you think someone will pay for it, put up the cash, hire a programmer, and then try to sell it.


It's pretty ironic that you want to Geek out, but you want to use a GUI. Really geek out and learn to use the command line ipfw.

Jul 5, 2011 6:59 PM in response to simweb

I don't need lectures, I need a simple answer to MY SIMPLE QUESTION!!!


I haven't spotted a simple question yet. I've spotted pages and pages of dull, confusing, flow-of-consciousness prose that doesn't seem to say much beyond "I want a better firewall and Apple is bad for not giving it to me." That's not a question, it's a rant, and against the terms of use of these forums. And by being so rude about it, you've alienated most of the knowledgeable people here.

Jul 28, 2011 7:13 AM in response to simweb

"It can't be that I'm the only one in the world that needs a better and faster configuration of the Mac OS X firewall, can it?! There must be hundreds of thousands of other Mac OS X users with the same wish."


well... basically that's the reason why I developed WaterRoof. And please note: I am NOT a developer.


"I know I'm a "designer", not a "programmer".

The only thing I program is HTML, CSS and DVD Video titles."


yes... and you need to configure the Mac OS X ipfw network firewall in order to "feel safe", right?


"Hanynet GUIs do the job, so I don't understand why there aren't any other firewall GUIs out there for Snow Leopard. Hundreds of users are willing to pay for them. I'm sure"


If you know what a firewall is, if you are aware of how networks work, if you really need a firewall... no, you are not willing to pay for something you already own. Jesper, my opinion is that you don't need a firewall. Your Mac has two firewalls, use the one in system preferences, just click start. Nothing is easier than that.

Jul 28, 2011 8:02 AM in response to hany el imam

Hello Hanynet Developer.


Well no hard feelings about your WaterRoof and NoobProof GUIs
for the Mac OS X Firewall.


I think you are great, making the firewall GUI.
Nobody else seems to have done anything like your GUIs
Let me say that very clearly.


Yesterday I uninstalled NoobProof and tried your WaterRoof 3.4
I had difficulty typing in an IP range in a static firewall rule.
I did a mail on that to hanynet, you probably have read it already.
Until I know how to type in an IP range in WaterRoof I don't use it.
But then I will use it again. Until I have a new solution I use the
built in firewall in Lion. Which I don't like. (no control).


I see today you have made a 3.4.1 version of WaterRoof.
Have you addressed the IP range in that version Hanynet?


================================


And now to address all the Point Chasers in here:


I know the built in Mac OS X Lion firewall.
It of course can handle all the Apple technologies,
but is not good at handling other 3rd party technologies.
Perhaps I want a specific protocol on a specific port to a
range of IP addresses to be open and to tell that only a certain App can respond to that firewall opening!

Perhaps I need that! Could be a lot of Pro users needed that and to have that they don't use a firewall at all!!!
A firewall rule like that, I can't do in the Built in firewall in Lion.
I know how to configure a Firewall in a Gateway Router.
So I'm used to configuring firewalls. Being 100% in control!
I like to be in control.


What I need or not need is not the question in this thread is it!
I posted a QUESTION here, and I STILL do NOT have any SOLUTION to MY question.
Just a lot of forum point chasers telling their stories about Mac Life in general.
Well, that's a fact still to this day.

Those forum supporters are all right for the general Mac home users.
I respect the serious of them.

But I can't use their information for my question.
I'm a serious geek, I need geek answers/solutions.


If I choose to have a 3rd Party firewall running,
let me for God's sake have that pleasure!
I only have one life on this doubtful planet.
It's a free country where I live.

Instead of getting angry and telling me what I should do,
I need a solution to my question STILL!


/Peace, I love you all.

Jul 28, 2011 10:07 AM in response to simweb

To specify a range with ipfw you must use subnets like 192.168.10.1/24, 192.168.0.1/16 and so on. Using a subnet calculator will help you. There's no other way, and this is about ipfw and not WaterRoof. You can however type a list of IP addresses, separated by commas like 12.13.14.15,33.44.55.66,111.112.113.114.


Please note that WaterRoof is a "frontend for the Apple-shipped built-in Mac OS X ipfw network firewall", and not a "3rd party firewall." Exactly like NoobProof, DoorStopX, Brickhouse, and others.
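The range asked about in this thread (192.168.1.9-192.168.1.69) expressed as the subnets ipfw expects, as an added example that is not part of the original posts or of WaterRoof. It also shows that one enclosing subnet would admit addresses outside the range; the function names are hypothetical, the rule text follows the shape quoted in the thread, and mixing subnets with single addresses in one comma-separated list is an assumption about ipfw's address-list syntax.

```python
import ipaddress

RANGE = "192.168.1.9-192.168.1.69"   # range quoted in the thread
PORTS = (515, 631)                    # ports quoted in the thread


def parse_range(text):
    """Parse 'first-last' into two IPv4Address objects."""
    first, last = (ipaddress.IPv4Address(p.strip()) for p in text.split("-", 1))
    if first > last:
        raise ValueError("range start is above range end")
    return first, last


def range_to_cidrs(first, last):
    """Smallest list of CIDR blocks that covers first..last exactly."""
    lo, hi = int(first), int(last)
    blocks = []
    while lo <= hi:
        # Largest block that may start at lo is set by lo's alignment ...
        size = (lo & -lo) if lo else (1 << 32)
        # ... and must not run past the end of the range.
        while size > hi - lo + 1:
            size >>= 1
        prefix = 32 - (size.bit_length() - 1)
        blocks.append(ipaddress.IPv4Network((lo, prefix)))
        lo += size
    return blocks


def enclosing_subnet(first, last):
    """Single smallest subnet containing the range (usually wider than it)."""
    prefix = 32 - (int(first) ^ int(last)).bit_length()
    return ipaddress.IPv4Network((int(first), prefix), strict=False)


def extra_addresses(first, last):
    """Addresses a single enclosing subnet allows beyond the intended range."""
    wanted = int(last) - int(first) + 1
    return enclosing_subnet(first, last).num_addresses - wanted


def ipfw_rule(blocks, ports, proto="tcp"):
    """Rule body in the shape quoted in the thread; /32 blocks become bare IPs."""
    src = ",".join(
        str(b.network_address) if b.prefixlen == 32 else str(b) for b in blocks
    )
    return f"allow {proto} from {src} to me dst-port {','.join(map(str, ports))}"


if __name__ == "__main__":
    first, last = parse_range(RANGE)
    print(ipfw_rule(range_to_cidrs(first, last), PORTS))
    print("one enclosing subnet:", enclosing_subnet(first, last),
          "extra addresses allowed:", extra_addresses(first, last))
```
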

Jul 28, 2011 2:53 PM in response to hany el imam

Hi Hanynet

Thanks for answering,
you are the only one that speaks my language in here!!!



First, yes yes yes, I know the difference between a two-way software 3rd party firewall application like the Symantec Endpoint Protection and Norton Internet Security on the Windows platform etc. And then a GUI front-end for the original Apple supplied built-in firewall "engine". What your WaterRoof and NoobProof are doing is scripting language to the built-in firewall. And that is way cool work Hanynet! Keep up the good work there!



About the IP range in static firewall rules in WaterRoof.

I tried that in your WaterRoof 3.4 version just yesterday or the day before that. I even sent you an e-mail to the hanynet.com website e-mail address about the problem.



When I made a new empty static firewall rule and typed in an IP range like:



192.168.1.9,192.168.1.10,192.168.1.11,192.168.1.12,192.168.1.13,192.168.1.14,192.168.1.15…

all the way up to 192.168.1.69 where I wanted port 515 and 631 on TCP protocol opened for the IP range.



Then WaterRoof showed this in the firewall rule:

"allow tcp from 67.215.77.132 515,631 to me dst-port 515,631"


It can't be correct. It gave me no logic.

The "67.215.77.132" I did not understand!
The 515,631 are the ports I want opened, that's good.
But not the IP address (range).



Perhaps there is a character number limitation on the IP address field or something else is wrong.



I also tried the Range like this: 192.168.1.9-192.168.1.69

It would not eat that either.
All ZyXEL, Netgear etc. Gateway Routers' firewalls understand that kind of IP range typed in like that. So it could be that the Apple firewall could understand it as well. It's much easier than typing in all 60 IP addresses after each other in every static firewall rule



Making a firewall rule like this example:



========================================

Static firewall Rule:



- Rule name: Printer Sharing

- Rule type: Allow

- Address: Range:192.168.1.9-192.168.1.69

- Protocol: TCP only

- Port: 513,631

- Direction: Both

- Applications: "C:\program files\windows live\remotedesktop.exe"

- Schedule: All the time

=======================================



On Windows platform in software firewalls like

the Symantec Endpoint Protection that can be done easily.



The built in firewall in Mac OS X Lion has the option to

allow/deny different apps to communicate with connections outside.

So I guess this option is built-in.

How far the configuration can be per application level that I don't know.
That's up to Hanynet.com to find out.



What do you think Hanynet?



I will look at the Subnet Calculators you write about...


thanks again.
