Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.3: Resolve issues with 'other firewall software'' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.3: Resolve issues with 'other firewall software'
Authored by: jecwobble on Oct 27, '03 02:09:04PM

I've seen this before, too, with Jaguar. When ever I use the CLI ipfw to change any firewall settings, the Sharing preference pane thinks some other firewall software is running. I first noticed it when experimenting with BrickHouse. I never looked at the com.apple.... file before. Could it be that the pref-pane compares it's settings from the com.apple.... file to what ipfw reports is active, then assumes any differences were done using some other software?

Personally, I think the pref-pane should have an 'advanced' screen to allow some common ipfw activities there.



[ Reply to This | # ]
10.3: Resolve issues with 'other firewall software'
Authored by: bluehz on Oct 27, '03 06:58:27PM

I think basically the PrefPane looks at the current IPFW list of rules and if it sees anything other than the standard default rule - then it assumes you are using another firewall.

I personally am using a manually created IPFW firewall per hints here. I see it starting up as it goes through its process and then at the very end of the startup (long after the ipfw script has run) I see a notice "waiting for firewall" and there is a pause of about 20 seconds which is what is normally posted when the Apple firewall is starting up. So I am wondering if I need to find out a way to manually turn off the OS X installed firewall. Looked for it in all the Startup Items dirs and could not find it though.

I am wondering if those of use that use a customized firewall may need to change from using "Firewall ---YES---" in the /etc/hostconfig file (which normally launches Apples fw) to another bit of text for the startup scripts to watch for in plist. For example - it could be something like "IPFW ---YES---" and "Firewall ---NO---" to start your own firewall and not Apple's. You can make the keyword anything you want within the StartupItem.



[ Reply to This | # ]
Firewall pref pane is just a user interface
Authored by: hayne on Oct 27, '03 09:44:24PM

Just to clarify - the Firewall preference pane is just a user interface for configuring the ipfw firewall. That interface is not terribly sophisticated and so gets confused if you have used some other means of configuring the ipfw firewall.

But it is ipfw that is being referred to when the startup message says "waiting for firewall".

There is nothing that you should disable if you use some other means of setting the ipfw rules. Just ignore the Firewall preference pane.



[ Reply to This | # ]