Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

NoobProof on but ipfw rules not changed?

0dev

0dev

macrumors 68040
Original poster
Dec 22, 2009
3,947
24
127.0.0.1
I set up NoobProof to block things like SSH and desktop sharing on my Mac, but when I view the ipfw rules, it just says the following:

Code: 
33300 deny log icmp from any to me in icmptypes 8
65535 allow ip from any to any

I did some searching and it looks like this is the default state and nothing has changed :confused:

Weird thing is, if I block "system services" (which includes mDNSResponder, the thing Apple has made required for both Bonjour and DNS for some reason), then the computer stops connecting to the internet, which would suggest that the firewall does work.

What I want to know is, if I've set up and saved those rules in NoobProof, and I've set up a startup script and everything, why does this not show up in the ipfw rules?
 
0dev said:
I set up NoobProof to block things like SSH and desktop sharing on my Mac, but when I view the ipfw rules, it just says the following:

Code: 
33300 deny log icmp from any to me in icmptypes 8
65535 allow ip from any to any

I did some searching and it looks like this is the default state and nothing has changed :confused:

Weird thing is, if I block "system services" (which includes mDNSResponder, the thing Apple has made required for both Bonjour and DNS for some reason), then the computer stops connecting to the internet, which would suggest that the firewall does work.

What I want to know is, if I've set up and saved those rules in NoobProof, and I've set up a startup script and everything, why does this not show up in the ipfw rules?
Click to expand...

One thing you omit from your post is whether SSH works when you think it should be blocked. Can you ssh back to your mac after you block it in noobproof?
 
I've not tested SSH (and I don't have the resources to do so), but like I said if I block mDNSResponder then my Mac fails to resolve a DNS server, which would suggest that the firewall does indeed work. I'm just curious as to why the actual ipfw rules aren't changed.
 
I have never used this program before, so I can only guess as to why no rules are added. If these services are turned off in sharing, then no one will be able to connect either way. So, if the service is off there is nothing to block. Try turning remote login on and see if a rule is created for port 22.
 
nDarkness said:
I have never used this program before, so I can only guess as to why no rules are added. If these services are turned off in sharing, then no one will be able to connect either way. So, if the service is off there is nothing to block. Try turning remote login on and see if a rule is created for port 22.
Click to expand...

Good thought, but no, I just tried that and it made no difference. It did tell me that the remote login was blocked by the firewall in System Preferences, but I also have the default SL firewall on.
 
You should only be using 1 firewall app. The built in app is probably given presidence over the other. This is likely the reason the rules don't change.

Sent from my DROID BIONIC using Tapatalk
 
nDarkness said:
You should only be using 1 firewall app. The built in app is probably given presidence over the other. This is likely the reason the rules don't change.

Sent from my DROID BIONIC using Tapatalk
Click to expand...

Weird though, because I created a thread before I started using NoobProof and asked if I could run them both together, and I was told they operated independently from one another so that was fine. See here.
 
Try turning off both firewalls and check your rules. Next enable noob and check your rules. Finally enable the default app and check your rules.

I use doorstopx for a firewall and can tell you both apps can't be used at the same time. As I mentioned earlier, without the services running, your computer will not process the request to these ports.

Sent from my DROID BIONIC using Tapatalk
 
NoobProof is just a GUI for configuring the built-in IPFW; it's not a stand-alone firewall.

One thing worth noting is that when you create the ruleset you then have to save it so it uses the rules every time you start up. Could this be causing your problem?
 
Spiffey said:
NoobProof is just a GUI for configuring the built-in IPFW; it's not a stand-alone firewall.
Click to expand...

I'm aware, I just thought IPFW could be used in conjunction with the OS X application firewall but I guess not.

One thing worth noting is that when you create the ruleset you then have to save it so it uses the rules every time you start up. Could this be causing your problem?
Click to expand...

Yes, I have a startup script set up for my rules.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back