It has been a few months since I first posted about configuring ipfw on Mac OS X. Since then I have had a few random issues with startup that may have been related to my firewall settings, but I was never able to really hone in on the exact problem (because the problem was not constant, and the logs were not useful). After MacDevCenter recently posted an article on configuring ipfw I took a few minutes to see how they had everything configured and set up, then tweaked my firewall. To my pleasure, I have my new configuration running on my computers and have had no problems.
What I changed:
ipfw.conf
: add 02000 allow ip from any to any via lo0 to add 02000 allow ip from any to any via lo*
/Library/StartupItems/ipfw/ipfw
: my new file
/etc/hostconfig
: Add: FIREWALL=-YES-
/Library/StartupItems/ipfw/StartupParameters.plist
: my new file
new syntax in the ipfw.conf (rules are still the same, except for my noted change above)
: my new file
Why did I change my files? I figured O’Reilly knew what they were talking about, and I liked their code better than what I originally found. Now I am confident in my setup and can recommend it for everyone who is interested in customizing their firewall rules more than Apple allows with their GUI.