Q: How do I make an adaptive firewall blacklist address permanent.
I am using OS X Server version 5.0.15 running on El Capitain. I have started the adaptive firewall changed the firewall address in af.plist to use the IP address my server is listening to. When I add an IP address to the blacklist it is successful, but there is an expiry time of about 15 minutes. If I look at the contents of the blacklist the IP address is listed but it is removed after 15 minutes.
How do I make the entry permanent?
Mac mini (Late 2014), OS X Yosemite (10.10.1)
Posted on Mar 18, 2016 3:43 PM
I may have found a partial solution. Use terminal to add the ip address and use -t to specify a long time - like this...
sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -a xxx.xxx.xxx.xxx -t 200000
Maybe there is something to put after -t to specify till infinity and beyond. I will keep looking.
Posted on Mar 20, 2016 12:10 PM