afctl (Adaptive Firewall) error in 10.8.2
I have enabled the Adaptive Firewall in OS X Server (2.2) under Mountain Lion 10.8.2 as per Apple's instructions:
http://support.apple.com/kb/HT5519
However, I get back an error everytime I try to enable it:
# afctl -f
No ALTQ support in kernel
ALTQ related functions disabled
pf enabled
Token : 18446743524496027528
No ALTQ support in kernel
ALTQ related functions disabled
Jan 22 17:41:50 server.domainredacted.com afctl[17998] <Notice>: Cannot update the Event Monitor config
When I try to alter a setting:
sh-3.2# afctl -T 10
Jan 22 17:42:09 server.domainredacted.com afctl[18005] <Notice>: Cannot update the Event Monitor config
Or when I try to disable it:
sh-3.2# afctl -X
Jan 22 17:45:29 server.domainredacted.com afctl[18021] <Notice>: Cannot update the Event Monitor config
I thought perhaps that afctl was having trouble writing to AdaptiveFirewall.plist in /Applications/Server.app/Contents/ServerRoot/private/etc/emond.d/rules
sh-3.2# ls -l /Applications/Server.app/Contents/ServerRoot/private/etc/emond.d/rules
total 0
-rw-r--r-- 1 root wheel 3344 Jan 22 00:11 AdaptiveFirewall.plist
But even adding world write permissions to this file didn't help.
I also wondered if perhaps afctl was looking for AdaptiveFIrewall.plist in the wrong place:
sh-3.2# ls -l /etc/emond.d/rules/
total 0
-rw-r--r-- 1 root wheel 822 Jan 21 20:01 SampleRules.plist
-rw-r--r-- 1 root wheel 8964 Jan 21 20:01 Xsan.plist
But copying AdaptiveFirewall.plist here (or symbolic linking the file in this dir) didn't do the trick either.
Anyone have any idea why afctl keeps complaining that it "Cannot update the Event Monitor config" in OS X Server 2.2 / Mountain Lion 10.8.2?
Rusty