How can I limit Mac sharing services to a details network/adapter?
I desire is to set up a Mac to connect to numerous networks. Until now, so excellent. Nonetheless, I just intend to grant AFP accessibility to customers on ONE of the networks, yet not the various other. Just how can I complete this on (non-server ) Mac OS X?
This is possibly a concern that shows up a fair bit in IT - you intend to make use of the very same equipment as a world-facing internet server and also as an inner AFP (or whatever ) web server, yet I have not actually had the ability to locate a means to do it.
You can do this making use of the builtin
ipfw firewall (it is not the default firewall in Snow Leopard, yet it is still consisted of). You can set up from the command line, the specific regulation set you require relies on your various other needs, yet the details regulation in inquiry would certainly be something like:
# allow AFP (port 548) traffic from 10net /sbin/ipfw add allow tcp from 10.0.0/24 to any 548 # deny all other AFP traffic ipfw add deny tcp from any to any 548
Obviously you will certainly require to readjust that for your details network. Additionally, these regulations are not relentless, which suggests you will certainly require to add a manuscript to run them regulates every reboot. On the various other hand, that suggests that if you wedge your networking while attempting ahead up with ideal regulations you can constantly simply reboot to reset the pile. There are a lot of ipfw tutorials on the internet (a lot of them are focused on FreeBSD customers, yet it coincides user interface).