Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Firewall: unable to change some app settings

hiapou said:
You need to mount the Macintosh HD - Data volume, which is separate from the base system volume

Open Disk Utility from the main Recovery menu
In the sidebar find the greyed-out volume named Macintosh HD - Data
Click on that volume and then click Mount in the tool bar
You will be prompted for a password if FileVault is active

Once mounted the Data volume will be available until you reboot and you can navigate in the Terminal to /Volumes/Macintosh HD - Data/Library/Preferences to find the files you expect (during a normal boot the Data volume is overlayed on top of the base volume)
Click to expand...
Amazing ! thank you !
I had this issue on 15.2 and it was driving me mad.
so, recovery mode (long press on power), Disk Utility, mounting Data (need password), terminal, remove /Volumes/Data/Library/Preferences/com.apple.networkextension.* , unmount data, reboot, and enjoy.

Many thanks to you @hiapou and @ryanslikesocool for your detailed posts ;-)

 
I got a new Mac recently and first thing before setting up was to update it to Sequoia 15.1.1 - and encountered this same problem even while I did not migrate anything from older system. Now I remembered this issue and checked again - it looks like problem has disappeared after update to 15.2 without any intervention...
 
The firewall gui is strange, sometimes the buttons are greyed, and you have to wait a dozen of seconds before they become blue and actionnable.

Other strange thing:
Code: 
/usr/libexec/ApplicationFirewall/socketfilterfw --setloggingmode on
Turning on log mode
Failed to set log mode (err: 1 - failed to read key from preference file)

The stealth mode only block icmp, and if you do an nmap from another linux machine, it finds the open ports.

I've checked with the python http server on my mac and curl on the remote, and blocking seems to work anyway. The server close the connection immediately.

I know there are some gui for the other native BSD firewall based on pfctl, but I prefer to stick with the Apple one, but I'm not very confortable. 😆 Thanksfully I'm not using my mac a lot on untrusted networks.
 
Finally did this. I was able to remove the com.apple.networkextension.* files from recovery mode after mounting the Data volume, without disabling SIP. Firewall configuration was reset to default and all app entries previously added to the list were gone. Perfect.

The firewall was actually disabled and toggles to "automatically allow" certain classes of software were enabled again, but once I set all of that how I like, things seem to be in good working order.

Maybe 15.2 would have fixed this (as @nmt1900 suggests) but I hadn't installed that yet. I did this procedure from 15.1.1. Installing 15.2 is next on my hit list, doing it right now.

(Seriously not going to install the next major macOS update until 16.2 is out...)
 
  • Like
Reactions: Lab34
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back