MacOS – Black hole all IP addresses except for 192.168.1.1

macos

I have a machine. I want to configure it so that it can only talk to 192.168.1.1 (gitserver) and 127.0.0.1 (localhost).

This machine is meant to be pure work, no distractions.

I'm on OS X Lion.

I'm familiar with iptables on Linux, but not sure how to configure this (or if it's even possible).

What do I need to read up to make this work?

PS: configuring the router is not an option; it's some simple $30 router.

Best Answer

Mac OS X like other BSD systems uses ipfw instead of iptables. Read the man page for full reference.

One way to would be to deny all TCP "establish connection" packets except those directed to gitserver, leaving all other traffic untouched:

ipfw add allow tcp from me to gitserver setup
ipfw add allow tcp from me to me setup # may not be needed
ipfw add deny tcp from any to any setup

The rules will be lost on reboot, so they must be set on every boot (e.g. from /etc/rc.common or crontab's @reboot).

If that seems too complicated, get a third party firewall. Little Snitch is a good one, but it costs another $30 :)

Related Solutions

MacOS – external hd mac ntfs 3g could not mount

Install NTFS-3g in here: http://www.macupdate.com/app/mac/24481/ntfs-3g

Then install OSXFUSE: http://osxfuse.github.com/

MacFuse has been abandoned for a while now. Someone picked it up and rename it to OSXFUSE

If you want to use it for Mac and Linux, use FAT. If you want to use it for time machine, use HFS Journaled.

MacOS – Quitting and reopening Mail loses all accounts

Chase reports and asks:

Also, the folder ~/Library/Mail only has two folders

Mail Lost+Found V2 All of my mailboxes are contained within V2... is that normal?

Those folders should exist, but at least based on the contents of my own ~/Library/Mail folder, it's incomplete. I also have individual folders for each of my email accounts and those folders contain mbox files which I assume are the local copies of the IMAP mailstore.

screenshot of Mail folder contents in Finder

By way of troubleshooting, it might be interesting to know what the file permissions are for the Mail directory.

Open the terminal, and type (or cut and paste) the following command:

ls -l ~/Library/Mail

The results (edited here to show only the relevant line) for my own functional Mail folder are:

drwx------    13 jaberg  staff    442 Oct 13 00:25 Mail

The permissions basically tell us that this a directory and that the owner, jaberg (me) is able to read, write and execute. (The execute permission of a directory is sometimes thought of as the search permission. You need the x in order to be allowed access to the information about the contents of the directory.)

You can also view permissions from Finder by selecting the folder and performing Get Info… from the file menu (or ⌘+i), but you won't get as much information.

screenshot of permissions for Mail folder in Finder

You'll find more information about accessing and interpreting file permissions in the Apple Knowledgebase: Troubleshooting permissions issues in Mac OS X

If you're permissions differ from those shown here, you can try to Repair Permissions using Disk Utility (this doesn't require a restart or booting from a different volume) or, if you're comfortable, change the permissions of the Mail folder to match those shown using the chmod command. You can learn about chmod from its man(ual) pages, accessed from the terminal by typing:

man chmod

Best Answer

Related Solutions

MacOS – external hd mac ntfs 3g could not mount

MacOS – Quitting and reopening Mail loses all accounts

Related Question