Go Back   MacRumors Forums > Apple Systems and Services > OS X > Mac OS X 10.7 Lion

Reply
 
Thread Tools Search this Thread Display Modes
Old Jul 11, 2013, 01:25 AM   #1
DarthMuflon
macrumors newbie
 
Join Date: Jul 2013
ipfw rules to run on startup

Hello to everyone

I wanted to limit my internet speed with terminal commands:

sudo ipfw pipe 1 config bw 200KBytes/s
sudo ipfw add pipe 1 all from any to any in

and that works.
But with computer restart that setting is gone, so I have to write it again.
And I came to idea to make a deamon that does it.

I wrote a file with content:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://
www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>ipfw</string>
<key>Program</key>
<string>/sbin/ipfw</string>
<key>ProgramArguments</key>
<array>
<string>/sbin/ipfw</string>
<string>/etc/ipfw.conf</string>
</array>
<key>RunAtLoad</key>
<true />
</dict>
</plist>

and save it on path /Library/Launch Daemons/ipwf.plist

and I also made a file /etc/ipfw.conf with content

/sbin/ipfw -f -q flush
/sbin/ipfw pipe 1 config bw 200KByte/s
/sbin/ipfw add pipe 1 all from any to any in
/sbin/ipfw -q /etc/ipfw.conf

but after computer restart I don't have limitation setting, and ipfw has just a default settings.

Can you help me?
DarthMuflon is offline   0 Reply With Quote
Old Jul 11, 2013, 11:14 AM   #2
Weaselboy
macrumors G5
 
Weaselboy's Avatar
 
Join Date: Jan 2005
How about putting in in Applescript then have the Applescript launch at boot?


Code:
do shell script "sudo ipfw pipe 1 config bw 200KBytes/s"
do shell script "sudo ipfw add pipe 1 all from any to any in"
Weaselboy is online now   0 Reply With Quote
Old Jul 11, 2013, 05:08 PM   #3
chown33
macrumors 603
 
Join Date: Aug 2009
Quote:
Originally Posted by DarthMuflon View Post
...
and I also made a file /etc/ipfw.conf with content

/sbin/ipfw -f -q flush
/sbin/ipfw pipe 1 config bw 200KByte/s
/sbin/ipfw add pipe 1 all from any to any in
/sbin/ipfw -q /etc/ipfw.conf
This appears to be a shell script, rather than a list of ipfw rules.

Referring to the ipfw man page:
https://developer.apple.com/library/...n8/ipfw.8.html
To ease configuration, rules can be put into a file which is processed using ipfw as shown in the last synopsis line. An absolute pathname must be used. The file will be read line by line and applied as arguments to the ipfw utility. [underline added]

If the file is a shell script, the correct contents of the plist should be:
Code:
<key>ProgramArguments</key>
<array>
<string>/bin/bash</string>
<string>/etc/ipfw.conf</string>
</array>
and you should remove the Program key. Read the man page for launchd.plist.
Program <string>
This key maps to the first argument of execvp(3). If this key is missing, then the first element of the array of strings provided to the ProgramArguments will be used instead. This key is required in the absence of the ProgramArguments key.

When testing, you should be able to run a command like ProgramArguments lists, and have it work correctly in Terminal. If it fails in Terminal, it's probably going to fail as a launchd plist.

You seem to have gone from these Terminal command lines:
Code:
sudo ipfw pipe 1 config bw 200KBytes/s
sudo ipfw add pipe 1 all from any to any in
to a launchd plist file, without ever testing whether the /etc/ipfw.conf file actually worked with ipfw on a Terminal command line. Refer to the ipfw man page for how to run the command so it reads rules from a file. Or tell launchd to run a shell script, because the file appears to contain shell commands.


EDIT
In a shell script, this line is wrong:
Code:
/sbin/ipfw -q /etc/ipfw.conf
Leaving it in would tell the shell to run the commands in /etc/ipfw.conf, whose last command tells the shell to run the commands in /etc/ipfw.conf, whose last command ... etc. Remove it and avoid death by endless recursion.

Last edited by chown33; Jul 11, 2013 at 07:28 PM.
chown33 is online now   0 Reply With Quote

Reply
MacRumors Forums > Apple Systems and Services > OS X > Mac OS X 10.7 Lion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
IPFW what's the minimum set of required open ports/rules (config from Lion bad) macncrumors OS X Mavericks (10.9) 0 Oct 24, 2013 10:23 AM
IPFW help please. houserhythm OS X 10.8 Mountain Lion 3 Sep 9, 2013 03:43 PM
Terminal run on startup command Zogw Mac Applications and Mac App Store 7 Jan 26, 2013 10:24 AM
Run Terminal Command as root on Startup evilblob OS X 10.8 Mountain Lion 1 Aug 2, 2012 01:25 AM
10.6: Startup Item doesn't run, only on scheduled restarts adamfishercox OS X 5 Jun 4, 2012 02:40 PM

Forum Jump

All times are GMT -5. The time now is 01:30 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC