I was mucking around with `pfctl` a while back, didn't get very far and forgot about it.

Yesterday, I couldn't `ssh` into a remote machine. I disabled the firewall in System Preferences but still had the problem. When I couldn't `ping` anything I wondered… So, I disabled `pfctl` with `sudo pfctl -d` and lo and behold `ping` and `ssh` were working again.

If `pfctl` was still running my ruleset regardless of whether the firewall in System Preferences was enabled or not, then either:

- the System Preferences firewall is a separate firewall app, not `pfctl` given a simple GUI (as I'd assumed), or
- the firewall in System Preferences is a separate instance of `pfctl`; both can run independent of the other,

or it's something else (I like to give myself leeway). I've checked running processes and can only find `Firewall`, no `pf`/`pfctl` etc. I'm puzzled.

Which option is the truth?
Best Answer

There's no second instance of `pfctl` running. Pretty much everything you have to do with `pfctl` requires `root` privileges. For example, just getting a listing of rules without using `sudo` gives a "permission denied". Adding `sudo` allows you to view the current rule set:

The issue you may be experiencing might be related to this post: Application Firewall is not enabling pfctl