
Problem with my firewall in Mavericks

Hello!


I have a problem with my built-in firewall in OS X Mavericks. It all started when I updated my bit-torrent program "Transmission". The "allow/deny incoming network connections" window keeps popping up when I start the program, despite the fact that I have set the program to allow incoming network connections in the firewall settings... Pretty annoying to be fair. When I use "codesign -vvv /Applications/Transmission.app" in Terminal I get the following response:


/Applications/Transmission.app: code object is not signed at all

In architecture: x86_64


Can anyone tell me what's wrong? I'm not particularly familiar with Mac computers, this is my first one...


Thanks in advance,


Robin

MacBook Air

Posted on May 21, 2014 12:34 PM

11 replies

May 21, 2014 6:40 PM in response to Robin Johansson

The built-in Application Firewall blocks incoming network traffic, regardless of origin, on a per-application basis. Typically, it would be configured to allow only applications digitally signed by Apple to listen on the network. It does not block outgoing traffic, nor can it distinguish between different sources of incoming traffic. It is not, as some people seem to believe, a malware filter.

So for example, suppose you enable file sharing, and allow access by guests to certain folders. You want people on your local network to be able to access those files without having to enter a password. When configured as stated above, the firewall will allow that. Your router will prevent outsiders from accessing the files, whether the application firewall is on or not. But if your computer is portable and you connect it to an untrusted network such as a public hotspot, the firewall will still allow access to anyone, which is not what you want.

Now suppose you unknowingly install a trojan that steals your data and uploads it to a remote server. The firewall, no matter how it's configured, will not block that outgoing traffic. It does nothing to protect you from that threat.

Another scenario: Your web browser is compromised by a trojan. The trojan redirects all your web traffic to a bogus server. The firewall does nothing to protect you from this threat.

A final scenario: You're running a public web server. Your router forwards TCP connection requests on port 80 to your Mac, and the connections are accepted by the built-in web server, which is signed by Apple. The application firewall, still configured as above, allows this to happen. Now you download a different trojan, one that tries to hijack port 80 and replace the built-in web server. The good news here is that the firewall does protect you; it blocks incoming connections to the trojan and alerts you. The bad news is that you've been rooted. The attacker who can do all this can just as easily disable the firewall, in which case it doesn't protect you after all.

It might make a bit of sense to use the firewall if you're running trusted services on an unprivileged port; that is, a port numbered higher than 1023. Those ports can be bound by a process with no special privileges.

Here is a more realistic scenario in which you should enable the firewall. Your portable Mac has several sharing services enabled. You want those services to be available to others on a home or office network. When you're on those networks, the firewall should be off. When you move to an untrusted network, you can either turn off all the services, or enable the firewall to block them. Blocking is easier: one configuration change instead of several.

Jan 3, 2015 6:33 PM in response to X-Tremo

I had this problem with Microsoft Office 2008 apps on fresh installs of Mavericks and Yosemite. I corrected it by doing the following:

(1) closing the affected app

(2) deleting any firewall settings for that app

(3) deleting all .plist files and other preferences found in /Library/Preferences, Library/Caches, ~/Library/Preferences, and ~/Library/Caches (in my case this included all files in preferences folders named com.microsoft.*.plist and all subfolders in those folders bearing the name Microsoft).

(4) launching each app again and choosing "deny" in the incoming connections dialogue

(5) closing the app, and opening again to verify that the firewall setting had been remembered.


Note that I also had previously forced a re-signing of the apps using ad-hoc code signing in a terminal window:

>sudo codesign --force --sign - <full path to application>

For example:

>sudo codesign --force --sign - /Applications/Microsoft\ Office\ 2008/Microsoft\ Excel.app


I am not sure whether or not the re-signing step helped the system remember the settings. You can read about code signing here:

http://forums.macnn.com/79/developer-center/355720/how-re-sign-apples-applications-once/
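
Added example, not part of the post above: a shell helper that sorts `codesign` output into the signature states that come up in this thread (unsigned, ad-hoc, identity-signed, or a broken seal), so you can see what a bundle carries before running `codesign --force --sign -`, which replaces whatever signature is already there. The function names, the sample outputs other than the one quoted from the first post, and the resign/keep/inspect policy are assumptions of this example.

```shell
#!/bin/sh
# Classify codesign output into the signature states seen in this thread.
# Sample texts are constructed, except SAMPLE_UNSIGNED (quoted from the first post).

SAMPLE_UNSIGNED='/Applications/Transmission.app: code object is not signed at all
In architecture: x86_64'
SAMPLE_ADHOC='Identifier=com.example.app
Signature=adhoc
TeamIdentifier=not set'
SAMPLE_IDENTITY='Identifier=com.example.app
Authority=Developer ID Application: Example Corp (ABCDE12345)
Authority=Apple Root CA'
SAMPLE_MODIFIED="$SAMPLE_IDENTITY
/Applications/Example.app: a sealed resource is missing or invalid"

# classify_signature TEXT -> unsigned | invalid | adhoc | identity | unknown
# Order matters: a broken seal outranks whatever identity the bundle claims.
classify_signature() {
    case "$1" in
        *"not signed at all"*)                     echo unsigned ;;
        *"sealed resource is missing or invalid"*) echo invalid ;;
        *"code or signature have been modified"*)  echo invalid ;;
        *"Signature=adhoc"*)                       echo adhoc ;;
        *"Authority="*)                            echo identity ;;
        *)                                         echo unknown ;;
    esac
}

# resign_advice KIND -> resign | keep | inspect
# Policy is this example's assumption, not Apple guidance.
resign_advice() {
    case "$1" in
        unsigned)       echo resign ;;   # no signature exists, nothing is lost
        adhoc|identity) echo keep ;;     # --force would replace a valid signature
        *)              echo inspect ;;  # find out why the seal broke first
    esac
}

# On macOS: sh check_sig.sh /Applications/Some.app   (script name is hypothetical)
if [ -n "${1:-}" ] && command -v codesign >/dev/null 2>&1; then
    kind=$(classify_signature "$(codesign -dvv "$1" 2>&1; codesign -v "$1" 2>&1)")
    echo "$1: $kind -> $(resign_advice "$kind")"
fi
```

An `identity` result on an Apple or vendor app means a forced ad-hoc re-sign would discard that vendor signature, which is what the "replacing existing signature" message later in this thread refers to.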

Jan 17, 2015 1:06 AM in response to StephenFarrington

Hi,


Tried deleting all the FW rules regarding iTunes and restarting iTunes... didn't work... 😟


Tried deleting all the FW rules altogether and restarting iTunes... didn't work... 😟


Tried to re-sign iTunes... got this error... 😟

/Applications/iTunes.app: replacing existing signature

/Applications/iTunes.app: Permission denied

Gonna keep on trying things... wish me luck

Feb 6, 2015 8:19 AM in response to StephenFarrington

This only partially worked for me - Mac OS X 10.9.5 and Microsoft Office 2008


I went to each of the four folders (Library/Cache & /Preferences, also ~/Library/Cache & /Preferences) and deleted everything with "Microsoft" in the name.


I then tried the Open - Deny - Reopen thing and got the network popup each time.


I then did the Sudo (resign) thing for each of the four primary applications (I don’t use Messenger) in MS Office 2008 and repeated the “Microsoft” file deletion exercise in the Cache and Preferences folders.


I then tried the Open - Deny - Reopen thing again for each of the MS applications.


Excel - did NOT get the network pop on restart. Good!


PowerPoint - did NOT get the network pop on restart. Better!


Word - did NOT get the network pop on restart. Even Better!


However…


Entourage - got the network popup on each restart of the app even though the Security & Privacy tab of System Preferences correctly showed “Deny.” Tried several times and the popup comes up every time. Not even close to Better.


Anyone have any idea how to stop this annoying behavior for MS Entourage?
