0 Replies Latest reply: Feb 6, 2013 1:05 AM by zzTontozz
zzTontozz Level 1 (0 points)

I have configured Apache in the httpd.conf file to work with user 'apachez' group 'groupz'. The 'apachez' user is a member of group 'groupz' on the Mountain Lion Server.

 

To block outbound requests by the Apache user, to stop miscreants from bad behavior RE wget/scripts from external sites, in the iptables firewall you would do something like:

 

iptables -A OUTPUT -m owner --uid-owner apachez -p tcp --dport 80 -j DROP
iptables -A OUTPUT -m owner --uid-owner apachez -p tcp --dport 443 -j DROP

 

However, I need to do this in the PF (packet filter) firewall because that is what Mountain Lion Server uses.

 

Could someone please advise how to do the terminal command line(s) equivalent of the above for the PF firewall?

 

Regards.


Mac mini, OS X Server
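
Added example, not part of the original post: PF's counterpart to the iptables `owner` match is the `user` keyword documented in pf.conf(5), which matches the owner of the local TCP/UDP socket. The helper below (its name and the temporary file path are hypothetical) builds the equivalent rule for the post's `apachez` account and ports; that the PF build shipped with Mountain Lion Server honours `user` is an assumption to confirm on the host.

```shell
#!/bin/sh
# Added example: emit a PF rule equivalent to
#   iptables -A OUTPUT -m owner --uid-owner USER -p tcp --dport PORT -j DROP
# pf_user_egress_rules is a hypothetical helper name, not a PF or Apple tool.
#
# Usage (as root on the PF host; /tmp path is a placeholder):
#   pf_user_egress_rules apachez 80 443 > /tmp/apache_egress.rules
#   pfctl -n -f /tmp/apache_egress.rules   # -n: parse only, load nothing

pf_user_egress_rules() {
    [ $# -ge 2 ] || { echo "usage: pf_user_egress_rules USER PORT..." >&2; return 2; }
    user=$1
    shift

    # Accept only a plain account name, so the value cannot smuggle
    # extra PF syntax (e.g. a second rule) into the generated line.
    case $user in
        ''|*[!A-Za-z0-9_.-]*) echo "invalid user: $user" >&2; return 2 ;;
    esac

    ports=
    for p in "$@"; do
        # Digits only, then range-check 1..65535.
        case $p in
            ''|*[!0-9]*) echo "invalid port: $p" >&2; return 2 ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "invalid port: $p" >&2; return 2; }
        ports="${ports:+$ports, }$p"
    done

    # block drop : discard silently, like iptables -j DROP
    # out        : outbound traffic only, like the OUTPUT chain
    # quick      : stop rule evaluation here, so a later pass rule cannot win
    # user       : match the owner of the originating socket (TCP/UDP only)
    printf 'block drop out quick proto tcp from any to any port { %s } user %s\n' \
        "$ports" "$user"
}
```

The generated rule only takes effect once it is part of the loaded ruleset, either in the main pf.conf or in an anchor that pf.conf references.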