Enable Adaptive Firewall In OS X Server

Apple released this Knowledge Base Article on how to enable the adaptive firewall. This firewall automatically creates temporary rules according to certain events. e. g. A number of failed login attempts will cause the adaptive firewall to create a temporary rule to block the IP address attempting to log in.

Run these commands on the server as an admin user to enable the adaptive firewall:

 

sudo pfctl -f /etc/pf.conf
sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/serverctl enable service=com.apple.afctl
sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -f

Edit /System/Library/LaunchDaemons/com.apple.pfctl.plist so that pfctl(8) is invoked with the -e flag. This will automatically enable the packet filter the next time the server boots. This can be accomplished with these commands:

 

sudo defaults write /System/Library/LaunchDaemons/com.apple.pfctl ProgramArguments '(pfctl, -f, /etc/pf.conf, -e)'
sudo chmod 644 /System/Library/LaunchDaemons/com.apple.pfctl.plist
sudo plutil -convert xml1 /System/Library/LaunchDaemons/com.apple.pfctl.plist
Tagged with: , , ,
Posted in Macintosh

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Enter your email address to follow this site and receive notifications of new posts by email.

Join 196 other followers

Categories
Flickr Photos
Martin Scorsese

Alfred Hitchcock

Crater Lake

More Photos
Archives
Colophon
wordpress com stats plugin
%d bloggers like this: