Networking Port issue

[blacka4]

Hey guys, this one is new to me. I am in need to enable a few ports on my M4 minis and for the damn life of me I can’t figure out how. No matter what i do:

Firewall on application in the table with allow all connections

Firewall off completely

Sudo nano/pf.conf (thats shorted btw) and add the pass allow with the port number and tcp/udp

My firewall has the ports enabled

I still can not get the computer to listen for traffic on those ports. The ports i am tring to use are 5630 though 5684 not all of them, but I am trying to test out node software for a blockchain I am building.

Thank you for your time and effort.

I have 2 ports open…for my bootstrap node and seed for the chain…5620 and 5621. But I can not get 5622 to allow traffic though.

 

[chabig]

I understand that you turned your firewall on. It was off by default. I recommend turning it back off permanently. Or turn it off, get your software working, and then progressively close it while monitoring your ports. At the same time, could these ports be blocked by your router?

 

[blacka4]

That’s tithing. The native firewall in os26 is OFF. and I still can’t get it the ping reply if I ping that specific port

it like the computer is still blocking that port and will not allow the dashboard that is supposed to be listening on that port to use it.

 

[FreakinEurekan]

Start by pinging the ports from another device on the same network; that'll tell you if it's a computer issue or a router issue.

 

[blacka4]

Start by pinging the ports from another device on the same network; that'll tell you if it's a computer issue or a router issue.

have any good scanner or should I just user terminal?

 

[FreakinEurekan]

have any good scanner or should I just user terminal?

Terminal’s fine. Just need to see if it’s working locally (which means figure out what’s wrong with your router and/or Internet provider) or if it’s not (which means the Mac isn’t configured properly).

 

[blacka4]

And considering I’m still new to terminal. Which command would I run.

 

[chabig]

nc -zv <local IP address> 5630-5684

Explanation of the command:
• nc — macOS built-in netcat tool
• -z — Zero I/O mode (scan the port without sending data)
• -v — Verbose output (shows clear success or failure message)
• <local IP address> — Replace with the actual IP address you want to test
• 5630-5684 — The specific ports you want to check

 

[Grumpus]

The ping command uses the icmp protocol which doesn't work with ports. The nc command previously recommended by @chabig is probably what you want, but note that you can specify a single port, i.e. you don't have to give a range. Having Enable stealth mode set in your firewall options will result in nc hanging if nothing is listening on a given port. IME on Sequoia, this is true whether or not the firewall is enabled. So I would recommend turning off Enable stealth mode and then turning off the firewall altogether until you have things working.

 

[svenmany]

Just to be clear, there are two distinct firewalls shipped with the Mac: the application-level firewall and the packet firewall. The one that's configured in System Settings is the first. The second is called "PF" and the file "pf.conf" is part of that. Make sure PF is off unless you really mean to be configuring it as you seem to be doing with nano.

"sudo pfctl -s info" should display "Status: Disabled" if PF is disabled.

 

[Grumpus]

Just to be clear, there are two distinct firewalls shipped with the Mac: the application-level firewall and the packet firewall. The one that's configured in System Settings is the first. The second is called "PF" and the file "pf.conf" is part of that. Make sure PF is off unless you really mean to be configuring it as you seem to be doing with nano.

"sudo pfctl -s info" should display "Status: Disabled" if PF is disabled.

I'm still on Sequoia. sudo pfctl -s info always says "Status: Enabled" for me, and I've so far had the good sense not to fiddle with pf.conf or any of it's spaghetti tables. Note that pf is enabled regardless of whether or not the Firewall in System Settings is enabled or not. So, you now have me even more confused than usual. Has something changed in this area in Tahoe?

 

[Grumpus]

Note that pf is enabled regardless of whether or not the Firewall in System Settings is enabled or not.

Interesting. On Sequoia, if Enable stealth mode is turned on in System Settings -> Firewall -> Options, then pf is enabled, even when the Firewall is turned off. If you toggle off Enable stealth mode and then disable the Firewall, pf is disabled. That, to me, is unexpected behavior. I'd be curious to hear what people see in Tahoe. BTW, as far as I know, everything to do with the Firewall is accomplished via pf.

 

[svenmany]

I'm still on Sequoia. sudo pfctl -s info always says "Status: Enabled" for me, and I've so far had the good sense not to fiddle with pf.conf or any of it's spaghetti tables. Note that pf is enabled regardless of whether or not the Firewall in System Settings is enabled or not. So, you now have me even more confused than usual. Has something changed in this area in Tahoe?

I am not aware of any changes.

Interesting. On Sequoia, if Enable stealth mode is turned on in System Settings -> Firewall -> Options, then pf is enabled, even when the Firewall is turned off. If you toggle off Enable stealth mode and then disable the Firewall, pf is disabled. That, to me, is unexpected behavior. I'd be curious to hear what people see in Tahoe.

That's great information. So that's how they do stealth mode. But, PF can be configured without turning on stealth mode. When you turn on stealth mode, Apple must add a rule at the beginning (called a "quick" rule) that turns on all blocking and then skips any following rules that you might have configured.

What's important is that the OP must not have PF enabled unless they've carefully configured it to allow the ports in question. The learning curve for PF was steeper for me than for Linux iptables; it's easy to make mistakes in PF without some training or extra tools (like Murus Firewall which configures PF graphically).

 

[blacka4]

this is good info. thank you all for this...keep it coming

I managed to get it to work, well not me but myself and the dev team....I have communication....wooohooo.