Enable Adaptive Firewall In OS X Server

Apple released this Knowledge Base Article on how to enable the adaptive firewall. This firewall automatically creates temporary rules according to certain events. e. g. A number of failed login attempts will cause the adaptive firewall to create a temporary rule to block the IP address attempting to log in.

Run these commands on the server as an admin user to enable the adaptive firewall:


sudo pfctl -f /etc/pf.conf
sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/serverctl enable service=com.apple.afctl
sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -f

Edit /System/Library/LaunchDaemons/com.apple.pfctl.plist so that pfctl(8) is invoked with the -e flag. This will automatically enable the packet filter the next time the server boots. This can be accomplished with these commands:


sudo defaults write /System/Library/LaunchDaemons/com.apple.pfctl ProgramArguments '(pfctl, -f, /etc/pf.conf, -e)'
sudo chmod 644 /System/Library/LaunchDaemons/com.apple.pfctl.plist
sudo plutil -convert xml1 /System/Library/LaunchDaemons/com.apple.pfctl.plist
Tagged with: , , ,
Posted in Macintosh

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

Enter your email address to follow this site and receive notifications of new posts by email.

Join 196 other followers

wordpress com stats plugin
%d bloggers like this: