[OpenAFS] Mac OS X 10.6.x: Appropriate Firewall Settings for
Thu, 21 Jul 2011 09:55:51 -0400
On Thu, Jul 21, 2011 at 9:43 AM, Sergio Gelato
> * Duncan S Kincaid [2010-07-30 15:39:41 -0400]:
>> Mac OS X firewall GUI is application-based. Would adding
>> [...] to the 'Allowed Applications' pane be sufficient
>> to ensure proper ports are opened?
> Has anyone succeeded in making OpenAFS work with the Application Firewall
> in Mac OS X? I've just tried with OpenAFS 1.6.0pre7 on a 10.6.8 system,
> adding /usr/sbin/afsd to the list of applications allowed to accept incom=
> connections, and I still can't connect to 7001/udp with rxdebug. The only=
> I was able to get a response on that port was by turning off the applicat=
> firewall entirely.
> On a possibly related note, I see that
> =A0 =A0 =A0 =A0sudo lsof -i UDP:7001
> doesn't print anything, even though the port is listed as open by netstat=
> This is in contrast with other UDP ports (123, 5353).
> The application firewall configuration GUI won't let me bless afs.kext,
> perhaps on the not entirely unreasonable grounds that kernel extensions
> aren't applications.
after "automatically allow signed..." (in Advanced) was enabled, it
"just works" for me, and i have appfw on at all times.