Chapter 20. The Mac OS X Server Firewall

The term “firewall” can take a variety of meanings, but we will start with a general definition of purpose: a firewall exists to help enhance the security of the firewall operator’s resources. These resources generally include computers, data, bandwidth, and employee productivity. Computer networks can be complex, and perhaps sometimes as much of a liability as an asset. Firewalls are a great way to help limit the liabilities surrounding network-related resources.

This chapter follows a bottom-up approach. It starts by discussing exactly what a firewall does and how it does its thing. I identify various reasons to implement a firewall, along with discussion of how the firewall service is positioned in Mac OS X Server by Apple. Mostly, the chapter focuses on the specifics of the firewall service in Panther Server, and the ways it is different from firewalls on other platforms.

From there, the chapter examines the default firewall configuration, how that configuration is loaded at startup and stored on disk, and of course how to modify that configuration using Server Admin and various command-line tools. This chapter does not attempt to teach all the fundamentals of routing or firewall theory, but it does attempt to aid the novice or advanced administrator in understanding, configuring, and maintaining the firewall.

A Firewall’s Place in Network Communication

A good way to achieve an understanding of how network communication works from end to ...

Get Essential Mac OS X Panther Server Administration now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.