NoobProof on but ipfw rules not changed?

Discussion in 'macOS' started by 0dev, Feb 2, 2012.

  1. 0dev macrumors 68040

    Joined:
    Dec 22, 2009
    Location:
    127.0.0.1
    #1
    I set up NoobProof to block things like SSH and desktop sharing on my Mac, but when I view the ipfw rules, it just says the following:

    Code:
    33300 deny log icmp from any to me in icmptypes 8
    65535 allow ip from any to any
    I did some searching and it looks like this is the default state and nothing has changed :confused:

    Weird thing is, if I block "system services" (which includes mDNSResponder, the thing Apple has made required for both Bonjour and DNS for some reason), then the computer stops connecting to the internet, which would suggest that the firewall does work.

    What I want to know is, if I've set up and saved those rules in NoobProof, and I've set up a startup script and everything, why does this not show up in the ipfw rules?
     
  2. r0k macrumors 68040

    Joined:
    Mar 3, 2008
    Location:
    Detroit
    #2
    One thing you omit from your post is whether SSH works when you think it should be blocked. Can you ssh back to your Mac after you block it in NoobProof?
     
  3. 0dev thread starter macrumors 68040

    Joined:
    Dec 22, 2009
    Location:
    127.0.0.1
    #3
    I've not tested SSH (and I don't have the resources to do so), but like I said if I block mDNSResponder then my Mac fails to resolve a DNS server, which would suggest that the firewall does indeed work. I'm just curious as to why the actual ipfw rules aren't changed.
     
  4. nDarkness macrumors newbie

    Joined:
    Jan 10, 2012
    #4
    I have never used this program before, so I can only guess as to why no rules are added. If these services are turned off in sharing, then no one will be able to connect either way. So, if the service is off there is nothing to block. Try turning remote login on and see if a rule is created for port 22.
     
  5. 0dev thread starter macrumors 68040

    Joined:
    Dec 22, 2009
    Location:
    127.0.0.1
    #5
    Good thought, but no, I just tried that and it made no difference. It did tell me that the remote login was blocked by the firewall in System Preferences, but I also have the default SL firewall on.
     
  6. nDarkness macrumors newbie

    Joined:
    Jan 10, 2012
    #6
    You should only be using 1 firewall app. The built-in app is probably given precedence over the other. This is likely the reason the rules don't change.

    Sent from my DROID BIONIC using Tapatalk
     
  7. 0dev thread starter macrumors 68040

    Joined:
    Dec 22, 2009
    Location:
    127.0.0.1
    #7
    Weird though, because I created a thread before I started using NoobProof and asked if I could run them both together, and I was told they operated independently from one another so that was fine. See here.
     
  8. nDarkness macrumors newbie

    Joined:
    Jan 10, 2012
    #8
    Try turning off both firewalls and check your rules. Next enable noob and check your rules. Finally enable the default app and check your rules.

    I use DoorStop X for a firewall and can tell you both apps can't be used at the same time. As I mentioned earlier, without the services running, your computer will not process the request to these ports.

    Sent from my DROID BIONIC using Tapatalk
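
The three-step check suggested in post #8, as an added example that is not part of any poster's message: it diffs successive `ipfw list` captures and tests whether a deny rule covers a given port. `BOTH_OFF` is the listing quoted in post #1; the port 22/5900 rule and the two later captures are constructed sample data, not real NoobProof output.

```python
import re

RULE = re.compile(r"^\s*(\d+)\s+(\S.*?)\s*$")

def parse_rules(listing):
    """Parse `ipfw list` text into a set of (rule_number, rule_body) pairs."""
    return {(int(m.group(1)), m.group(2))
            for m in map(RULE.match, listing.splitlines()) if m}

def diff_steps(snapshots):
    """For each (label, listing) step after the first, list rules added/removed."""
    report, previous = [], None
    for label, listing in snapshots:
        current = parse_rules(listing)
        if previous is not None:
            report.append((label, sorted(current - previous), sorted(previous - current)))
        previous = current
    return report

def port_denied(listing, port):
    """True if some deny/reject rule names `port` in its dst-port list or range.
    Simplification: ignores protocol, direction and first-match rule ordering."""
    for _, body in parse_rules(listing):
        words = body.split()
        if words[0] not in ("deny", "reject") or "dst-port" not in words[:-1]:
            continue
        for item in words[words.index("dst-port") + 1].split(","):
            lo, _, hi = item.partition("-")
            if lo.isdigit() and (hi or lo).isdigit() and int(lo) <= port <= int(hi or lo):
                return True
    return False

# BOTH_OFF is the listing quoted in post #1; the rest is constructed sample data.
BOTH_OFF = "33300 deny log icmp from any to me in icmptypes 8\n65535 allow ip from any to any"
NOOB_ON = "02000 deny tcp from any to me dst-port 22,5900 in\n" + BOTH_OFF
APP_FW_ON = NOOB_ON  # constructed: no change to the ipfw list in this step
STEPS = [("both off", BOTH_OFF), ("NoobProof on", NOOB_ON), ("built-in firewall on", APP_FW_ON)]

if __name__ == "__main__":
    for label, added, removed in diff_steps(STEPS):
        print(f"{label}: added={added} removed={removed}")
    print("port 22 denied:", port_denied(NOOB_ON, 22))
```

To use it on a real machine, replace the three strings with the output of `sudo ipfw list` captured at each step.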
     
  9. Spiffey macrumors newbie

    Joined:
    Oct 23, 2008
    #9
    NoobProof is just a GUI for configuring the built-in IPFW; it's not a stand-alone firewall.

    One thing worth noting is that when you create the ruleset you then have to save it so it uses the rules every time you start up. Could this be causing your problem?
     
  10. 0dev thread starter macrumors 68040

    Joined:
    Dec 22, 2009
    Location:
    127.0.0.1
    #10
    I'm aware, I just thought IPFW could be used in conjunction with the OS X application firewall but I guess not.

    Yes, I have a startup script set up for my rules.
     
  11. lordj4000 macrumors member

    Joined:
    Jul 17, 2005
    Location:
    In unfathomable darkness
    #11
    Some information. If you disable mDNSResponder it will stop resolving because it is responsible for both Bonjour (mDNS) and regular DNS now. See here for info including how to disable Bonjour safely. http://support.apple.com/kb/HT3789
     
  12. 0dev thread starter macrumors 68040

    Joined:
    Dec 22, 2009
    Location:
    127.0.0.1
    #12
    I know, I read up on that. Would it still work in Lion? I couldn't find any info at all about mDNSResponder's behaviour in Lion.
     