Is there a command in Mac OS X (10.8) equivalent to 'iptables'?

5

6

I want to reject some traffic in Mac OS X 10.8 (Server), like using:

iptables -t filter -I INPUT 4 -s xxx.xxx.xxx.0/20 -p tcp --dport 1723 -j REJECT

Is there an equivalent command for Mac OS X?

user282045

Posted 2013-12-15T13:49:26.007

Reputation: 53

Answers

8

With OS X 10.7, Apple deprecated use of FreeBSD's ipfw and switched to OpenBSD's pf.

The control command for pf is pfctl(8).

You will find a brief discussion as of 10.7 here. This is useful for highlighting a couple ways OS X's PF differs from the stock BSD version.

Documentation on PF is widely available, including Hansteen's The Book of PF. The author also wrote a freely available tutorial, and the OpenBSD documentation is also freely available.

Note: If your machine is also running OS X Server under 10.8, you might need to fix a config error that Apple made before PF starts working.

Jeremy W. Sherman

Posted 2013-12-15T13:49:26.007

Reputation: 606

1

There's also an open-source GUI program for configuring pf: Hanynet's IceFloor

– Gordon Davisson – 2013-12-15T18:05:21.707
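An added illustration, not part of the answer or comment above: one way the iptables rule from the question could be written for pf. The address is the question's own placeholder, and editing /etc/pf.conf directly is an assumption about where the rule lives.

```conf
# Added example: pf counterpart of the question's rule
#   iptables -t filter -I INPUT 4 -s xxx.xxx.xxx.0/20 -p tcp --dport 1723 -j REJECT
#
# Put this at the end of /etc/pf.conf. Statement order matters in pf.conf:
# filter rules come after options, normalization, queueing and translation.
#
# Token-by-token mapping:
#   INPUT chain         -> "in"
#   -s <net>            -> "from <net>"
#   -p tcp --dport 1723 -> "proto tcp ... port 1723"
#   -j REJECT           -> "block return" (pf answers TCP with a RST;
#                          iptables REJECT defaults to ICMP port-unreachable)
#   -I INPUT 4          -> no rule numbers in pf: the LAST matching rule wins
#                          unless a rule says "quick", which stops evaluation
#
# xxx.xxx.xxx.0/20 is the placeholder from the question; replace it with the
# real network before loading, or the file will not parse.
block return in quick proto tcp from xxx.xxx.xxx.0/20 to any port 1723

# Checking and loading, typed in a shell:
#   sudo pfctl -n -f /etc/pf.conf   # parse only, load nothing
#   sudo pfctl -f /etc/pf.conf      # load the ruleset
#   sudo pfctl -e                   # enable pf if it is not already enabled
#   sudo pfctl -s rules             # list the rules that are now loaded
```

To drop the packets silently instead of rejecting them, use `block drop` in place of `block return`.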

0

Is there an equivalent command for Mac OS X?

I don't believe so. They used to have ipfw and ipfw6, but that's been marked as deprecated. I have not been able to find a replacement either. See, for example, Firewall and Blocking [More] Traffic.

Essentially, Apple has taken nearly all control away from the users.

jww

Posted 2013-12-15T13:49:26.007

Reputation: 1