Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Need some firewall assistance.

D

dazed

macrumors 6502a
Original poster
Jun 23, 2007
911
211
Hi,

I have a AirPort Extreme and a Mac mini (running Lion) that runs 24/7 which I use as a media server.

I'd like to set it up more securely and am wondering the best way to limit its Internet access. Ideally I'd like it only to be able to access the iTunes Store, and the crashplan servers.

Any ideas? Can I do this with the Macs firewall or do I need to get a third party app?

Thanks
 
ChristianVirtual

ChristianVirtual

macrumors 601
May 10, 2010
4,122
282
日本
What are your concerns ? If you don't have lots other software running, no mail or safari your Mac will not connect to outside.
But too make sure you can use te build-in packet filter called: pf.
A command line tool from BSD roots.

There is some front end tool like http://www.macupdate.com/app/mac/41821/icefloor around but I haven't direct experience. I "outsourced" my pf to a dedicated machine protecting my home network but runs stable 24/7 with a nice web frontend.

The big challenge will be to find the IP adresses you want to allow. Not sure if Apple or crashplan server are always reachable under the same IP.
Apple has its own network with 17.0.0.0/8 but some content comes from 3rd party IP. You would have quite some trial&error.

Having your mac behind a AirPort Extreme in NAT mode should give already good level of security; no packets from outside inbound. Do you plan to serve your media files to outside (like iPhone) ?
 
D

dazed

macrumors 6502a
Original poster
Jun 23, 2007
911
211
My main concern is shutting down as many ports from the outside world as I can since the machine runs unattended 24/7.

All the machine runs is Clamxav, iTunes and Crashplan.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom