A script to automtically enable and disable the firewall

A script to automtically enable and disable the firewall | 6 comments | Create New Account

Click here to return to the 'A script to automtically enable and disable the firewall' hint

The following comments are owned by whoever posted them. This site is not responsible for what they say.

A script to automtically enable and disable the firewall
Authored by: CarlRJ on Jul 22, '09 02:49:19PM

Cute idea, and nice use of LaunchDaemons. Couple of points:

There's a closing ")" missing on the end of the "vpn.yourcompany.com" line in the "case $NETWORK in" statement.
The line:
NETWORK=$(cat /var/run/resolv.conf | grep domain | awk '{print $2}')
really deserves to be simplified to:
NETWORK=$(awk '/domain/ {print $2}' /var/run/resolv.conf)
Why run three commands when one will do?

Essentially, you're turning off the firewall when you're connected inside your company's offices. That's making the assumption that there's zero chance of any other machine in the office being infected/controlled by blackhats. I wouldn't want to make that assumption.

Personally, I turned off the Application Firewall, and set up a script to run at startup that configures a traditional ipfw firewall that blocks any traffic that I'm not expecting (no, I wouldn't recommend this approach for everyone; configuring ipfw involves a lot of details that most people won't want to deal with, and such a setup isn't particularly portable from one machine to another).

From our Sponsor...

Hints by Topic

Search

From our Sponsor...

Latest Lion Hints

User Functions

What's New:

Hints

Comments last 2 days

Links last 2 weeks

What's New in the Forums?

Hints by Topic

News from Macworld

From Our Sponsors