April 15, 2007

Firewall StartupItem part 2

One thing that's very important when setting up a new StartupItem like I did with my Firewall script is to make sure that the privileges are set correctly so that it actually runs at startup. The article I referenced didn't include this, but the reader comments at the end did. Specifically, the folder and enclosed items should be owned by root with group wheel with privs 755.
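A quick way to confirm the folder matches those settings before rebooting (an added example, not part of the original article or its comments). It assumes wheel is gid 0, as on Mac OS X, and the function name `audit_startup_item` is made up for this sketch:

```shell
#!/bin/sh
# Added example: audit a StartupItem folder against the ownership and mode
# given above (root:wheel, 755). Everything in the folder runs as root at
# boot, so group- or world-writable entries would let a non-root user
# change what root executes.
# Assumption: root is uid 0 and wheel is gid 0; both can be overridden so
# the check can be tried on a scratch directory.

audit_startup_item () {
    dir=$1
    want_uid=${2:-0}      # root
    want_gid=${3:-0}      # wheel
    want_mode=${4:-755}

    if [ ! -d "$dir" ]; then
        echo "missing: $dir" >&2
        return 2
    fi

    # Collect the folder itself and every enclosed item that deviates
    # in owner, group or exact permission bits.
    bad=$(find "$dir" \( ! -user "$want_uid" -o ! -group "$want_gid" \
                         -o ! -perm "$want_mode" \) -print)

    if [ -n "$bad" ]; then
        echo "not $want_uid:$want_gid mode $want_mode:" >&2
        echo "$bad" >&2
        return 1
    fi
    return 0
}

# Usage:
#   audit_startup_item /Library/StartupItems/Firewall
# To correct anything it reports:
#   sudo chown -R root:wheel /Library/StartupItems/Firewall
#   sudo chmod -R 755 /Library/StartupItems/Firewall
```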

I had one question regarding the script and how I reference the set of rules I wrote. The original article had these saved in /etc, which to me seemed a bit silly; having them in the same folder as the Startup script seemed much more logical. Here is my working script for this:


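#!/bin/sh

# Firewall

. /etc/rc.common

StartService ()
{
    # Only load the rules when FIREWALL is set to -YES-; it defaults to -NO-
    if [ "${FIREWALL:=-NO-}" = "-YES-" ]
    then
        ConsoleMessage "Starting Firewall"
        sh /Library/StartupItems/Firewall/fw.rules > /dev/null
    fi
}

StopService ()
{
    ConsoleMessage "Stopping Firewall"
    # Remove all ipfw rules without prompting
    /sbin/ipfw -f -q flush
}

RestartService ()
{
    StopService
    StartService
}

RunService "$1"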

