jsw said:
Nope, not at all, jsw. I believe it depends on one's comfort in the CLI, and the necessity, and possibly one's "geek-titude". For me, I have many (many, many, many) OSX boxes that I am responsible for and need to be able to edit the firewall remotely. So I got to learn all about ipfw. Luckily I was already vaguely aquatinted with ipf, and ipchains. For me it's an invaluable tool and I'd much prefer the granular control I have via the command line over a GUIfied control (which in some instances would mean I have to get up and waddle my fat @$$ to a computer in Outter East Nowhere, just to do a simple task with the firewall). Plus, I am a strong believer that one should have a passing knowledge of just what the hell one is doing when protecting a machine. But as we both mentioned, there's plenty of GUI front-ends for it.
I just want to make sure that anyone who might read this in the future realizes that the GUI control that Apple threw in is completely and utterly worthless!! For you future reader (hello from the past!), I IMPLORE you to use some alternate method of controlling ipfw!!!