When enabling Internet Sharing in the Sharing preference pane, those using the built-in firewall are warned that computers sharing their internet connection will be unable to browse the web. The proposed solution is to enable the Personal Web Sharing service, which launches the Apache web server and opens the ports necessary for web traffic across the firewall.
Fortunately, it's easy to share an internet connection without running Apache. Under the Firewall tab, click the New button to add a firewall rule. Set the Port Name to Other, and enter the following list for both the TCP and UDP Port Numbers: 80, 443. In the Description field, enter Web Access for Internet Connection Sharing, and click OK to finish.
As long as the new entry is checked, computers sharing the internet connection with your Mac will be able to browse the web using http (port 80) and https (port 443).
I've had absolutely horrible speeds while copying files from my Samba server, and it was starting to drive me nuts. Well, for those of you that experience this, there is a very easy fix. Simply add the following line to /etc/sysctl.conf (this is the file that is read on boot to set sysctl variables):
This simply tells the TCP stack in the kernel to not delay packet acks. The reason the slow down occurs is that when you are not sending anything to the Samba server, but attempting to copy a huge file from it, your computer will queue up a bunch of acks, and then send them after a bit. This causes the Samba server to stop sending files as fast, and then you end up going only a few kilobytes per second.
If you want instant gratification, open up a terminal window and sudo su -. Then, paste this in:
sysctl -w net.inet.tcp.delayed_ack=0
This is the same as what is in /etc/sysctl.conf, but the setting will be lost after a reboot. Enjoy!
I like to use a wildcard DNS entry for my localhost. The reason? If I want to establish a new virtual domain in Apache for testing, I need only go in and create my own arbitrary virtual domain (like railsdev.localhost), and the DNS side will "just work." On Linux machines, you can just edit /etc/hosts and put a *.localhost entry in. This didn't appear to work on OS X, so I instead enabled a local nameserver and went down that path.
I gathered hints from various parts of the net when it came to enabling DNS on OS X Tiger, and I think I have found the most efficient way to do that.
I work at a large company that blocks all Internet ports, only allowing access to the web through a proxy server on ports 80 and 443. I have a fast connection at home and a nice shinny PowerBook sitting on my coffee table all alone. I searched high and low to find exactly how to accomplish this, but I could only find bit and parts.
I connect from Windows with ssh through the work proxy to my Airport Express then to my Mac. I tunnel a VNC connection through ssh, and control the desktop remotely. Make sure you are not violating your company's policies before attempting this.
My company forces me to use a Windows computer at work, but there are tools that will let you connect back home. I chose PuTTY (for Windows) for connecting via ssh to home. I configure PuTTY to go through the proxy, and to tunnel port 5900. I also set up a dyndns host to deal with the changing IP address of the home computer. I enabled remote login and Apple Remote Desktop (ARD) in the Sharing panel of System Preferences. After enabling ARD, click the Access Privileges button on its Sharing screen, select ‘VNC viewers may control screen with password,' and type in a password.
You will need to set up your Airport Express to forward ports 22 and 5900 to your PowerBook. Do this buy opening Airport Admin and selecting Port Mapping, press the Add button, and type public port 22 to the PowerBook's internal IP address (i.e. 10.0.1.2), and private port 22. Do the same for port 5900.
For work, I login with PuTTY via ssh and then I use TightVNC to control the desktop at home. I also found this link, which covers PuTTY tunnel configuration. Now you are on your way to setting up other home server services such as WeDAV, FTP Web etc.
I have found that the cheapest of all the network print server hardware boxes works the best when trying to print to HP Deskjet printers. I was originally trying to use a D-Link DP-300U with my Deskjet 970cxi, but found it wouldn't use the HP drivers for the printer. Instead, it used the Gimp drivers, and those drivers did not work well with my printer.
So I bought a dirt cheap Netgear PS101 print server and was able to install HP's own print drivers because the printer saw the PS101 as a Jetdirect Print Server. All I had to do was make sure I had uploaded the latest BIOS to the PS101, and then gave the HP install program the PS101's IP address. I'm not sure if this would work with other Deskjet models, but I would assume it should.
After spending a day fiddling around with ports and Bonjour to get a USB printer attached to an AirPort Express to print from my XP Desktop, I finally figured it out. It was my XP firewall software; I disabled it, and could at last print. The firewall I was using was the Zone Alarm freebie version; I'm now reliant on the XP built-in firewall along with Spybot, AdAware, and Mozilla, but at least I can print.
I hope this helps someone else -- there's a lot of stuff out there about printer configuration, port fiddling, and using Bonjour, but in the end, it was nothing to do with any of that. It was a simple software issue...
The story goes that, in 10.4, you could set up a LEAP-authenticated wireless network as a preferred network in the Network preferences pane. Some time later (and I'm not sure when, maybe 10.4.1) when you tried to do this, the network would not remember that it was LEAP, and then failed to authenticate.
I recently had the pleasure of finding out about this problem. Fortunately, Apple published a workaround. The short version is to choose "WEP Password" as the security type for the network, then specify your LEAP login in the password field. OS X will interpret this as a LEAP login and use it. Hopefully the behavior is fixed in future releases.
I have several machines that I routinely transfer files between. After a rebuild of a PowerBook, I was unable to upload files successfully (but I could download files without issue.) The error indicated that I did not have permissions to upload. I spent a lot of time looking at owner, group and other settings between the machines, all to no avail...
Then, I realized that in the rebuild of the PowerBook, I had created a "testuser" account first, and then constructed my usual user (we'll call it "user") account. This meant that testuser had a User ID (UID) of 501, and my user account had a UID of 502. This, apparently, was a the root of my problem when transferring files between my PowerBook and all my other machines (all of which had a UID of 501 for my user accounts).
A problem I ran into while trying to connect a simple network of a Mac running OS X 10.4 to a PC with Windows XP via a crossover cable was that if I wanted to share my dial-up internet connection from the Mac to the PC, I had to enable DHCP on both machines. While this is great in concept, I found that the machines would not agree with each other, and assigned different subnet masks and IP address ranges to each other.
This meant I could not share files between the computers while DHCP was enabled. So here is my solution:
Set the IP address and subnet mask on all computers to DHCP, except for the Mac that will be sharing the internet connection. Make sure to note which subnet mask and IP address range is assigned to these computers.
Configure the Mac connecting directly to the internet to use "DHCP with a manual address" in the network preference pane, and give it an address in the same range as the rest of the computers in the network.
Apply the changes -- after a few seconds, the Mac should assign the correct subnet mask. I'm not sure whether it is necessary to restart internet and file sharing or not.
File and internet sharing should now work correctly. The only problem I have encountered is that I cannot browse shared folders on the network in the Finder from the Mac with the internet connection -- I have to know the address of each shared folder and mount each one manually using Go -> Connect to server. So I have just added favourites to all the shared folders on the network to the "connect to server" window. Obviously, this may not be practical if the network is large with a large number of shared folders.
If any of you have your Mac sitting on a network with other PC users, you may know how frustrating it can be to share files through Samba. While the /etc/smb.conf file that Apple provides is useful, setting-up an effective public share requires some tweaking. I could not find the necessary tutorial on how to solve my problems on this site or elsewhere, so I decided to write this hint once I figured out how to get things working they way I wanted them to.
This hint has been tested with OS X 10.4.2 only, so I don't know if this will work or is helpful on other systems, though I imagine it is. It would be worth knowing if the backup config file, /etc/smb.conf.template, is significantly different for different versions of OS X.