Mac OS X has had some kind of built-in firewall for a number of years. Up until Mac OS X 10.4 Tiger, the sole firewall included was IPFW (IP Firewall), a popular Unix firewall. System Preferences provided a graphical interface for setting up IPFW, but it was quite limited in the range of settings you could change; and despite offering only a simplified glimpse into IPFW, the preference pane was confusing for inexperienced users. Those who wanted more control over IPFW could use any of several third-party configuration tools or, if they were of a suitably geeky disposition, manually edit the text file that contained all the rules IPFW uses.
Leopard and Snow Leopard contain two firewalls. IPFW is still there, but it's turned off by default and accessible only from the command line or by using a specialized tool. I discuss both approaches later in this chapter. The new default firewall — and the one you can now configure in System Preferences — is an application firewall. That is, instead of allowing or blocking network access to individual packets based on the IP address or port of the incoming data, it allows or blocks incoming access to particular applications on your Mac.
The very first release of Mac OS X 10.5 had significant problems with its application firewall; these were corrected in version 10.5.1 and later releases.
The big advantage of Mac OS X's application firewall is that it's far simpler to understand and use than ...