
Jethryn Freyman

macrumors 68020
Original poster
Aug 9, 2007
2,329
2
Australia
I have a port I would like to block, but I'm having a little difficulty.

Example: I don't use Kerberos, but port 88 is still open. I've tried using ipfw to block the port, but it is still open.

Code:
deny tcp from any to any dst-port 88

What is keeping this port open?
 

loveturtle

macrumors member
Apr 7, 2006
68
0
Florida
No, it works by blocking applications, not specific ports. IPFW should be blocking the port, but I don't know why it isn't. There aren't any conflicting allow rules.

Are you sure it's not working and what you have open is the udp port?

How about "deny all from any to me 88"?
Also, use "ipfw -a list" to take a look at the packet counters for the rule. You can see if the rule is being hit or not.

Or, make a deny rule for UDP and then for TCP do "reset tcp from any to me 88".
That will actually return a TCP RST, so someone poking at your port will get "connection refused", which makes it look like it's really closed. If they just don't get a response, it's obviously firewalled.
 

Jethryn Freyman

macrumors 68020
Original poster
Aug 9, 2007
2,329
2
Australia
Found my problem.

The port was closed to all outside sources, but ipfw was allowing all traffic on the loopback interface. I had to add the new rule above the rule allowing traffic through the loopback interface.

Dumb mistake by me.

Thanks anyway :)
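
The rule-ordering problem described in the last post, as an added example that is not part of the original thread: a small Python model of ipfw's first-match evaluation with per-rule hit counters like those `ipfw -a list` prints. The rule numbers, the interface names (`lo0`, `en0`) and the allow-all final rule are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    num: int                     # rule number; lower numbers are checked first
    action: str                  # "allow" or "deny"
    proto: str = "ip"            # "ip" matches any protocol
    dport: Optional[int] = None  # None matches any destination port
    via: Optional[str] = None    # None matches any interface
    hits: int = 0                # packet counter for this rule

    def matches(self, pkt):
        return (self.proto in ("ip", pkt["proto"])
                and self.dport in (None, pkt["dport"])
                and self.via in (None, pkt["iface"]))

def evaluate(rules, pkt):
    """Return (action, rule number) of the first rule that matches pkt."""
    for rule in sorted(rules, key=lambda r: r.num):
        if rule.matches(pkt):
            rule.hits += 1
            return rule.action, rule.num
    return "no-match", None  # not reached while a catch-all rule is present

def ruleset(deny_num):
    # Constructed rule numbers; only their relative order matters.
    return [
        Rule(1000, "allow", via="lo0"),                 # allow ip from any to any via lo0
        Rule(deny_num, "deny", proto="tcp", dport=88),  # deny tcp from any to any dst-port 88
        Rule(65535, "allow"),                           # final catch-all (assumed to allow)
    ]

LOCAL = {"proto": "tcp", "dport": 88, "iface": "lo0"}   # probe from the same machine
REMOTE = {"proto": "tcp", "dport": 88, "iface": "en0"}  # probe from another host

def probe(deny_num):
    """Send one local and one remote probe; return verdicts and deny-rule hits."""
    rules = ruleset(deny_num)
    verdicts = {"local": evaluate(rules, LOCAL), "remote": evaluate(rules, REMOTE)}
    deny_hits = next(r.hits for r in rules if r.action == "deny")
    return verdicts, deny_hits

if __name__ == "__main__":
    for deny_num in (2000, 500):  # deny placed after, then before, the lo0 allow rule
        print(deny_num, probe(deny_num))
```

With the deny rule numbered after the loopback allow rule, a local probe never reaches it and only remote traffic increments its counter, which is why checking the port from the same machine shows it open.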
 