Skip to main content
Jamf Nation, hosted by Jamf, is a knowledgeable community of Apple-focused admins and Jamf users. If you like what you see, join us in person at the ninth annual Jamf Nation User Conference (JNUC) this October for three days of learning, laughter and IT love.

Opening application or port on Firewall for 10.7 and 10.8 Macs

I have a utility that uses port ####(redacted), and need to open the local Mac's firewall to handle this. I'm not very experienced with OS X firewalls other then the pretty GUI. My research has revealed that for the command line:

ipfw is deprecated
pfctl replaces ipfw
socketfilterfw handles application specific firewall issues
\- also the '-t' option seems to be deprecated

Ideally I'd love to use a socketfilterfw command to add the utility as a trusted app
alternatively what would be the pfctl command to accept port #### connections?


\- Miles

Like Comment
Order by:
SOLVED Posted: by nessts

its not easy nor is it pretty

SOLVED Posted: by nessts

sorry this one was pretty good

SOLVED Posted: by malroy

Try this command

/usr/libexec/ApplicationFirewall/socketfilterfw --add "applicaton location/"

This will allow the socketfilterfw command to trusted the app and it will show up in the GUI

SOLVED Posted: by miles3w

After much testing I found the sequence needed to add an app to the firewall. Thanks for the suggestions...
\- Miles

\# Start firewall in case it is off
/usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on

\# Sign app binary
/usr/libexec/ApplicationFirewall/socketfilterfw -s "/appLocation/"

\# Stop firewall
/usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate off

\# Add binary as trusted application to firewall
/usr/libexec/ApplicationFirewall/socketfilterfw --add "/appLocation/"

\# Start firewall
/usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on