By "built-in" I mean the backend of the System firewall (System Preference->Security&Privacy->Firewall). Is it ipfw or pf? (I know that ipfw was the backend for previous versions of OS X).
And, what are the commands/logs that I can use to determine which firewall is running?
Best Answer
The firewall in OS X 10.9 is now "pf".
It is controlled by the tool
pfctl
which can also give you a lot of status about the firewall itself. Trysudo pfctl -s all
and you will get a huge dump of info. If you want a lot of information you can add one or two-v
to the front of the options for even more info -sudo pfctl -v -v -s all