In case anyone else finds themselves here for a similar reason to me, I just thought I would chime in that the problem I was trying to solve was network issues with webhook calls for local network devices from an old version of node and node-red. Updating the nvm/node/node-red stack to the latest versions magically fixed the issue without me needing to add `node` to the `Local Network` pane in system settings. No more host unreachable errors (EHOSTUNREACH).
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Local Network Access Nightmare
- Thread starter MOM20xx
- Start date
- Sort by reaction score
From my notes, just went through it:
Force-delete persistent Network Extension configuration after app removal in MacOS Recovery Mode.
It is required when deleted applications leave orphaned services that block Local Network permissions (e.g. crashed VPNs, security tools). The configuration can't be deleted while the OS is running. Most of the configuration files are protected by System Integrity Protection (SIP) during normal boot. Recovery Mode bypasses SIP.
Example of orphaned service: synergy-service
Location: System Settings > Privacy & Security > Local Network
Config file disk location: Macintosh HD/Library/Preferences/com.apple.networkextension.plist
IMPORTANT NOTE: Backup first as this will reset all network extensions and more
-------------------------------------------------------------------------------------------
1. Shut down the computer: Apple menu > Shut Down
2. Boot to Recovery:
a. Press the Power button and hold it until 'Loading Startup Options...' text appears
b. Select: Options > Continue > Authenticate as admin
c. Open Terminal: Top menu bar > Utilities > Terminal
3. Identify system volume (ignore external drives): diskutil list internal
4. Unlock FileVault (if enabled): diskutil apfs unlockVolume disk3s4 -passphrase "your_mac_login_password"
* disk3s4 for disk3 and partition 4, replace it by your 'Macintosh HD - Data' identifier
* omit -passphrase to enter password interactively
5. Mount & remount system volume (-u for update existing mount and -w for enable read-write mode):
a. diskutil mount disk3s4
b. mount -uw /Volumes/Macintosh\ HD
6. Access the file system: cd /Volumes/Macintosh\ HD/
7. Delete the com.apple.networkextension.plist configuration file (-f for force)
a. cd /Volumes/Macintosh\ HD/Library/Preferences
b. rm -f com.apple.networkextension.plist
c. Confirm deletion: ls -la | grep networkextension
8. Reboot: Apple menu > Restart
Important Post-Recovery Actions:
a. System Settings > Privacy & Security > Local Network
Apps might not work until re-added: Open the app and it should trigger permission prompt
b. System Settings > Network > Firewall
Firewall will be turned off, reset to defaults and all custom rules lost: Turn on and re-configure the Firewall
c. System Settings > Network > Filters & Proxies
Re-enter the app manually or open the app and it will trigger permission prompt
d. System Settings > General > Login items & Extensions > Extensions (select 'By Category', Tahoe only) > Network Extensions
Network extensions (e.g. ad blockers) will be disabled until re-enabled
Pro Tips:
a. If rm fails, the file may be locked by a kernel extension. Boot into Safe Mode first (shift key at startup)
b. Always uninstall apps via their official uninstaller before deleting app bundles
c. Last resort only: If the file reappears after reboot, the orphaned service is still registered.
Run in terminal before deletion: sudo launchctl remove com.apple.networkextension
This procedure is irreversible and may cause system failure or instability.
It seems I spoke too soon. I have 2 computers that I did this on, both mac minis. One is still solved - no `EHOSTUNREACH` errors. The other (which uses the http request nodes less frequently) is again giving me the errors. I'm currently trying to fix it...
Ran into this today - app never requests access (but needs it) and can't add it manually. That last part is the root issue here - Apple needs to give us a way to manually add apps to the list like we can for disk access.
I'm very interested in your method if it solves the problem, but your link doesn't work, it just says "Corrupted Content Error"
Would be nice if you tried again, thanks.