Jamf Nation Community

TomDay · ‎11-02-2016

I have a few computers that check in to Jamf fine, execute policy no problems etc, but we can't Screen Share into them with Casper Remote or SSH in to them. Wondering if the firewall is turned on so I'm looking for a script that might check the firewall status if Anyone has one? I found a Firewall EA on jamf nation, but it's not pulling any data for me, perhaps its dated (2011).

DBrowning · ‎11-02-2016

#!/bin/sh

fw=$(defaults read /Library/Preferences/com.apple.alf globalstate)

if [ "$fw" == 0 ]; then
echo "<result>No</result>"
else
    echo "<result>Yes</result>"
fi

View solution in original post

franton · ‎11-02-2016

Hi @TomDay .. I wrote this as part of my suite of scripts/EA's for the CIS Security Benchmarks for 10.11. Hope it helps.

https://github.com/franton/CIS-Apple-Security-Casper/tree/master/2.6.3%20Enable%20Firewall

View solution in original post

DBrowning · ‎11-02-2016

#!/bin/sh

fw=$(defaults read /Library/Preferences/com.apple.alf globalstate)

if [ "$fw" == 0 ]; then
echo "<result>No</result>"
else
    echo "<result>Yes</result>"
fi

franton · ‎11-02-2016

Hi @TomDay .. I wrote this as part of my suite of scripts/EA's for the CIS Security Benchmarks for 10.11. Hope it helps.

https://github.com/franton/CIS-Apple-Security-Casper/tree/master/2.6.3%20Enable%20Firewall

TomDay · ‎11-02-2016

@franton @ddcdennisb Wow that was fast, thank you both very much, exactly what I needed, I'm off and running.

franton · ‎11-02-2016

@ddcdennisb I've found that reading that plist file is unreliable. Hence my GitHub post above.

Jamf Nation Community

Find Firewall Status