Languages

OS X Server: How to enable the adaptive firewall

Learn how to enable the adaptive firewall in OS X Server.

  1. Run these commands on the server as an admin user to enable the adaptive firewall.

    • For OS X Server on OS X Mavericks:

      sudo pfctl -f /etc/pf.conf
      sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/serverctl enable service=com.apple.afctl
      sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -c
      sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -f
    • For OS X Server on OS X Mountain Lion or Lion:

      sudo pfctl -f /etc/pf.conf
      sudo /Applications/Server.app/Contents/ServerRoot/usr/sbin/serverctl enable service=com.apple.afctl
      sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -f
  2. Edit /System/Library/LaunchDaemons/com.apple.pfctl.plist so that pfctl(8) is invoked with the -e flag. This will automatically enable the packet filter the next time the server boots. This can be accomplished with these commands:

    sudo defaults write /System/Library/LaunchDaemons/com.apple.pfctl ProgramArguments '(pfctl, -f, /etc/pf.conf, -e)'
    sudo chmod 644 /System/Library/LaunchDaemons/com.apple.pfctl.plist
    sudo plutil -convert xml1 /System/Library/LaunchDaemons/com.apple.pfctl.plist

 

Last Modified: Oct 24, 2013
Helpful?
Yes
No
Not helpful Somewhat helpful Helpful Very helpful Solved my problem
Print this page
  • Last Modified: Oct 24, 2013
  • Article: HT5519
  • Views:

    25417
  • Rating:
    • 62.0

    (353 Responses)

Additional Product Support Information

Start a Discussion
in Apple Support Communities
See all questions on this article See all questions I have asked