Q: Application Firewall blocking all services
Last week, I was attempting to let a new application through the Application Firewall found in OS X El Capitan. Unfortunately, for whatever reason, the app didn't automatically appear in the listing under System Preferences > Firewall (code signing issue), and did not flag whether to allow it through upon first run.
I attempted to dig through the app and allow any binaries manually to no avail – I could connect to the app fine with Firewall disabled, could not when it was. So, as a stopgap until I had more time, I left Firewall disabled.
Last night, I reenabled it, and all seemed well. However, upon rebooting the server, the app could not be connected to once again.
Somehow, however, my Mac AF has got completely fried and is no longer accepting connections to known applications that were previously working – OS X Server web service included. Again, as soon as I kill the Firewall, everything lights up. With it running, only basic services such as VNC and SSH can be connected to.
I've tried running through various terminal commands found over on krypted.com at the following URLs, but couldn't find anything of note.
http://krypted.com/mac-security/command-line-firewall-management-in-os-x-10-10/
http://krypted.com/mac-security/command-line-alf-on-mac-os-x/
Interestingly, the /usr/libexec/ApplicationFirewall/com.apple.alf.plist file has status 0 for a lot, if not all, of trusted services such as httpd, despite everything being green in the SysPrefPane. Additionally, from socketfilterfw -l, for references that are linked straight through to an App's binary within its contents, everything is showing as (null) – is this normal?
The only things that have changed on my server are a few reverse proxies installed under the Default 443 and 80 .conf files at /Library/Server/Web/config/apache2/sites, as well as removing com.apple.quarantine from everything in /Applications/ in an attempt to see if that would affect the original app struggling to push through the firewall.
Any ideas on how best to debug, or log? Right now, I'm just running with Mac's AF disabled again.
Mac mini, OS X Server, OS X Yosemite (10.10) DP5
Posted on Jan 17, 2016 12:48 AM