Skip to main content

JSS 8.62
I am having an issue with the "Enable Firewall.sh" script from JamfNation when I run it in a policy. I have this run on all machines, even if the machines has the firewall already enabled, because there have been times when a user has disabled their firewall and I want the machine to re-enable it.



POLICY:
Triggered by login
Set to Run the script as Before with parameter 4 = TRUE



On some of the computers I am getting this error/policy failure log.



/usr/sbin/jamf is version 8.62
Executing Policy Enable Firewall...
Creating directory structure for /Library/Application Support/JAMF/Downloads/
Downloading https://jamfserver:443/software/Scripts/enableFirewall.sh...
Running script enableFirewall.sh...
Script exit code: 0
Script result: Enabling Firewall for OS 10.8 ...
launchctl: Error unloading: com.apple.alf.useragent



Anyone know why this is having an issue unloading the com.apple.alf.useragent?

I'm not familiar with the script, but you'd get an error like that if the launchagent you're trying to unload has not been loaded.

@ zmbarker - I'm using the same script and am getting the same error almost every time it is run. That being said, it DOES enable the firewall and I haven't had any issues afterward. We are using it in production despite the error. YMMV?

@tuinte - I did receive information from JAMFsupport.



These errors are indicating that the launch daemon isn't loaded on these computers. We can either suppress the errors or add a check to see if the launch daemon is loaded by adding a "2>/dev/null" to the end of each line that UNLOADS the task. Here's an example:



/bin/launchctl unload /System/Library/LaunchDaemons/com.apple.alf.agent.plist 2>/dev/null
/bin/launchctl unload /System/Library/LaunchAgents/com.apple.alf.useragent.plist 2>/dev/null



This seems to have either fixed the problem or at least stopped the policy from reporting failure.

Thanks a bunch.

Terms & ConditionsCookie settings