Is there the command in Mac OS X(10.8) equivalent to 'iptables'?

I want to reject some traffic in Mac OS X 10.8(Server) like using:

iptables -t filter -I INPUT 4 -s xxx.xxx.xxx.0/20 -p tcp --dport 1723 -j REJECT

Is there the equivalent command for Mac OS X?

2 Answers

With OS X 10.7, Apple deprecated use of FreeBSD's ipfw and switched to OpenBSD's pf.

The control command for pf is pfctl(8).

You will find a brief discussion as of 10.7 here. This is useful for highlighting a couple ways OS X's PF differs from the stock BSD version.

Documentation on PF is widely available, including Hansteen's The Book of PF. The author also wrote a freely available tutorial, and the OpenBSD documentation is also freely available.

Note: If your machine is also running OS X Server under 10.8, you might need to fix a config error that Apple made before PF starts working.

Is there the equivalent command for Mac OS X?

I don't believe so. They used to have ipfw and ipfw6, but that's been marked as deprecated. I have not been able to find a replacement either. See, for example, Firewall and Blocking [More] Traffic.

Essentially, Apple has taken nearly all control away from the users.

2 Answers

Your Answer

Sign up or log in

Post as a guest

Related Journals

What are the extra icons that sometimes show up on Okami HUD during combat?

How do I get a lower natural regeneration rate?

What are the different buffs of Titania's Tribute and their effects

How can I reduce congestion on the highway coming into the city?