programatically add firewall exceptions?

ImAMacGuy
Valued Contributor II

Is there a way to add apps to the firewall via script or something?

Currently we are deploying a copy of the preference file during the
workflow, but for new apps coming out - we don't want to have to keep
redoing the firewall file.

John Wojda

Lead System Engineer, DEI & Mobility

3333 Beverly Rd. B2-338B

Hoffman Estates, IL 60179

Phone: (847)286-7855

Page: (224)532.3447

Team Lead DEI: Matt Beiriger
<mailto:mbeirig at searshc.com;jwojda at searshc.com?subject=John%20Wojda%20Fe
edback&body=I%20am%20contacting%20you%20regarding%20John%20Wojda.>

Team Lead Mobility: Chris
<mailto:cstaana at searshc.com;jwojda at searshc.com?subject=John%20Wojda%20Fe
edback&body=I%20am%20contacting%20you%20regarding%20John%20Wojda.> Sta
Ana

Mac Tip/Tricks/Self Service & Support
<http://bit.ly/gMa7TB>

3 REPLIES 3

RobertHammen
Valued Contributor II

Nope. I resorted to the same approach that you did - stop/unload the firewall, push out the prefs, start/reload the firewall (and sometimes that errors out until the machine is restarted).
On May 18, 2011, at 2:27 PM, Wojda, John wrote:

I ran this past AppleCare Enterprise and was told it wasn't possible.

--Robert

rmanly
Contributor III

You could turn off the Application-based firewall and use ipfw instead.

http://www.hanynet.com/waterroof/

This can be used to help you build a rule-list.

Ryan M. Manly
Glenbrook High Schools

jarednichols
Honored Contributor

We use ipfw instead of application firewall. IPFW is also more flexible in that you can craft your rules such that if you're on one set of IP scope (e.g. On your internal network) it's less restrictive than if you're on the outside world.

j
--
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436