bbao
asked on
Apply different firewall controls against different adapters on Mountain Lion
hi Mac folks
my Mac Pro got three network adapters (2 x Gigabit Ethernet + 1 x Wi-Fi), and i prefer using the wireless connection to access the Internet and leaving the two wired connections for private file sharing and VM communication.
therefore, for the wireless connection, the firewall policy should be to disable all incoming traffic and allowing all outgoing access, while the wired connections should be firewall free or allowing specific application protocols. but it seems the Firewall options under System Preferences have no such a detailed control.
is it possible to apply different firewall controls on different adapters?
furthermore, what's behind the built-in firewall of Mountain Lion? PF or IPFW? is there any command line that may allow me to enable such particular firewall control?
any comments are welcome.
thanks heaps,
bbao
my Mac Pro got three network adapters (2 x Gigabit Ethernet + 1 x Wi-Fi), and i prefer using the wireless connection to access the Internet and leaving the two wired connections for private file sharing and VM communication.
therefore, for the wireless connection, the firewall policy should be to disable all incoming traffic and allowing all outgoing access, while the wired connections should be firewall free or allowing specific application protocols. but it seems the Firewall options under System Preferences have no such a detailed control.
is it possible to apply different firewall controls on different adapters?
furthermore, what's behind the built-in firewall of Mountain Lion? PF or IPFW? is there any command line that may allow me to enable such particular firewall control?
any comments are welcome.
thanks heaps,
bbao
ASKER
thanks for your prompt reply.
> OSX now has 2 firewall programs IPFW and PF
when you say "yes", do you mean there are two firewalls running simultaneously? if so, what's the point for OSX to run two firewall engines at the same time?
or, do you mean IPFW and PF are just two front-ends?
> PF is now the primary firewall on OSX
if PF is the primary, is IPFW still running at the same time?
> OSX now has 2 firewall programs IPFW and PF
when you say "yes", do you mean there are two firewalls running simultaneously? if so, what's the point for OSX to run two firewall engines at the same time?
or, do you mean IPFW and PF are just two front-ends?
> PF is now the primary firewall on OSX
if PF is the primary, is IPFW still running at the same time?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
that just seems to be the stuff i am looking for. thanks a lot.
http://www.hanynet.com/waterroof/
You can set different firewall settings per adapter.
OSX now has 2 firewall programs IPFW and PF (introduced in 10.7+) and there is a new tool from the makers of WaterRoof called IceFloor to configure PF. PF is now the primary firewall on OSX
http://www.hanynet.com/icefloor/index.html