In 10.4, if you had a custom firewall config running, the built-in firewall configuration was greyed out in the System Preferences. Now in Leopard this is not the case ... I haven't worked out what happens when you use both configurations, built-in and custom, but here's how you get your custom firewall back:
- Set the firewall option in the Security System Preferences panel to "Allow All Incoming Connections," just to make sure that the built-in settings don't conflict / interfere with your custom settings.
- Create an entry in /Library/LaunchDaemons, mine is called ipfw_firewall.plist, and it looks like this. Customize to meet your needs.
- If you, like me, want your separate firewall log file in /var/log, then you need to modify /etc/syslog.conf like this: With those changes, you get your firewall logs in /var/log/ipfw.log.
The result of the above firewall config is this when you run nmap against it: However, nmap on the Mac itself against localhost looks like this: I guess the result is acceptable :).

