A fix for an advanced firewall settings issue on Server

Feb 13, '07 07:30:01AM

Contributed by: Euklid

I had big trouble with the Advanced Firewall settings in Server Admin. I had a lot of double entries in the rules list, but could not delete them. If I moved them up or down, they were copied instead of being moved. If I enabled a disabled rule and saved it, it was automatically disabled again. Many rule numbers were duplicated with different contents.

So here's the fix: Disconnect your server from the internet, then in Server Admin, stop the firewall. Quit Server Admin and open Terminal. Type in the following:

$ cd /etc/ipfilter
$ sudo cp ip_address_groups.plist ip_address_groups.plist.orig
$ sudo open ip_address_groups.plist
Check, edit, and correct all the rules. (The directory and its files are owned by root, so the backup copy needs sudo too; if the editor that open launches cannot save the root-owned file, edit it with sudo nano or sudo vi instead.) To see a list of ports, use cat /etc/services. To learn how to set up rules correctly use man ipfw. Before going further, run sudo plutil -lint ip_address_groups.plist: it catches a malformed plist from hand-editing before Server Admin tries to read it. When all rules are correct, then:
$ sudo mv ipfw.conf.apple ipfw.conf.apple.orig
$ sudo ipfw flush
Note that after the flush only the default rule 65535 (allow ip from any to any on Mac OS X) remains in the kernel, so the machine is unfiltered until Server Admin writes a fresh ipfw.conf.apple and loads it; this is why the server should still be off the network at this point. Start Server Admin, start the firewall, and check the Active Rules tab. If it is empty, make a dummy change in a rule and save. Cross-check the tab against sudo ipfw list, which shows what the kernel is actually enforcing rather than what the GUI thinks it saved. If everything looks good, bring your server online again.
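The symptom that makes this fix necessary is rule numbers that are reused with different contents, plus exact double entries. The following shell script is an added example (not part of the hint above, and not Apple's or Server Admin's code) that scans a rule list for both problems before you reload it. It assumes the list is either an ipfw.conf-style file (lines beginning with "add NNNNN ...", which is what /etc/ipfilter/ipfw.conf.apple contains) or the saved output of sudo ipfw list (lines beginning with the bare number); the sample rules embedded in it are constructed for illustration, not taken from a real server.

```shell
#!/bin/sh
# Added example: find ipfw rule numbers that are listed more than once.
# Output, one line per reused number:  <number> <lines> <distinct-bodies>
#   distinct-bodies > 1  => the same number carries different rules (the bug above)
#   distinct-bodies = 1  => an exact double entry
# Reads the file given as $1, or stdin when no argument is given.
find_dup_rule_numbers() {
    awk '
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        if (line == "" || substr(line, 1, 1) == "#") next   # comments and blank lines
        sub(/^add[ \t]+/, "", line)               # ipfw.conf lines start with "add"
        if (line !~ /^[0-9]+[ \t]/) next          # not a rule line (options, "-f flush", ...)
        num = line;  sub(/[ \t].*$/, "", num)
        body = line; sub(/^[0-9]+[ \t]+/, "", body)
        gsub(/[ \t]+/, " ", body); sub(/ $/, "", body)   # normalise whitespace in the body
        sub(/^0+/, "", num); if (num == "") num = "0"    # 01000 and 1000 are the same rule
        if (!(num in lines)) order[++n] = num     # remember first-seen order for output
        lines[num]++
        key = num SUBSEP body
        if (!(key in seen)) { seen[key] = 1; bodies[num]++ }
    }
    END {
        for (i = 1; i <= n; i++) {
            num = order[i]
            if (lines[num] > 1) print num, lines[num], bodies[num]
        }
    }' "${1:-/dev/stdin}"
}

# Wrapper with an exit status: 1 if any rule number is reused, 0 if the list is clean.
check_rules_file() {
    dups=$(find_dup_rule_numbers "$1")
    if [ -n "$dups" ]; then
        printf 'reused rule numbers (number lines distinct-bodies):\n%s\n' "$dups" >&2
        return 1
    fi
    return 0
}

# Constructed sample list (not from a real server) showing both symptoms:
# 1000 is entered twice with different zero padding, 12300 is reused for two
# different rules, and 12301 is an exact double entry.
sample_rules() {
    cat <<'EOF'
# constructed sample, not a real ipfw.conf.apple
add 01000 allow ip from any to any via lo0
add 1000 allow ip from any to any via lo0
add 01010 deny ip from any to 127.0.0.0/8 in
add 12300 allow tcp from any to any 22 in
add 12300 allow tcp from any to any 80 in
add 12301 allow udp from any to any 53 in
add 12301  allow udp from any to any 53 in
add 65534 deny ip from any to any
EOF
}

# Demo on the sample. On the server itself you would run
#   check_rules_file /etc/ipfilter/ipfw.conf.apple
# or   sudo ipfw list | find_dup_rule_numbers
sample_rules | find_dup_rule_numbers
```

Run it against ipfw.conf.apple before you move the file aside (to see what Server Admin had been generating) and against sudo ipfw list after the firewall is back up; a clean second run, with the Active Rules tab showing the same set, is the check that the fix actually took. The default rule 65535 is never reported because the kernel only holds one copy of it.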

[robg adds: I can't test this one easily, nor do I know anyone who runs Server regularly. If this hint isn't helpful, please let me know!]

Mac OS X Hints
http://hints.macworld.com/article.php?story=20070208125722820