Open a port in OSX Mavericks’ Firewall

The new firewall in Mavericks is great. For the common user. For a developer, not so much. If you are a Java developer like me, and you just need to open one port (say, 8080) so that the web application you’re working on is accessable from another computer, you can’t. I disabled the Firewall altogether for a few days, but it didn’t feel right.

I googled around and to make a long story short, here’s how to open port 8080 on any interface to any application on your OSX Mavericks installation in 3 steps:

sudo vim /etc/pf.conf

Then add the following lines at the end of the file:

# Open port 8080 for TCP on all interfaces pass in proto tcp from any to any port 8080

Test (and, according to the documentation, load) your edits with:

sudo pfctl -vnf /etc/pf.conf

Reboot.

(I have found at least 5 pieces of voodoo to make the Firewall restart and reload, but none of them seemed to work reliably, so pardon the reboot)

You can close it by commenting out the lines in pf.conf and reboot again. If anybody knows of an easier way to do this, preferably in one terminal command, and without rebooting, let me know.

Hope this helps.

This entry was posted on Saturday, May 10th, 2014 at 15:57 \15\May\GMT+0200 +0200 and is filed under Software. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

10 Responses to Open a port in OSX Mavericks’ Firewall

bilunov77 says:

Saturday 2014-05-17 at 06:41 \6\May\GMT+0200 +0200

Reblogged this on Dirigeant.societe.com.

Reply
Derek says:

Thursday 2014-06-19 at 21:34 \21\Jun\GMT+0200 +0200

When I ran this command:

sudo pfctl -vnf /etc/pf.conf

It said there was bad syntax on this line:

pass in proto tcp from any to any port 8080

Reply
- rolfje says:
  
  Thursday 2014-06-19 at 23:36 \23\Jun\GMT+0200 +0200
  
  Strange, I just double-checked my config and your line looks identical. Did you put the line at the end of the existing file and did you check for line endings, tabs and perhaps characters that look like spaces but really aren’t?
  
  Reply
  - Joyce Babu says:
    
    Saturday 2014-07-05 at 13:17 \13\Jul\GMT+0200 +0200
    
    I too got the same error. Fixed it by adding a new line after the rule.
Joyce Babu says:

Saturday 2014-07-05 at 13:18 \13\Jul\GMT+0200 +0200

Restarting the firewall via “System Preferences > Security & Privacy > Firewall > Turn Off Firewall” worked for me.

Reply
Apple:How to open a specific port in Firewall OS X 10.9.4 – Apple Questions says:

Sunday 2015-10-18 at 04:11 \4\Oct\GMT+0200 +0200

[…] had the same issue under OS X Yosemite (10.10.3). Found this blog post that provides clear instructions. We can’t use ipfw any more, as it’s deprecated. […]

Reply
How do I open a specific port on OS X Yosemite from the command line? - osx says:

Monday 2016-01-11 at 17:28 \17\Jan\GMT+0200 +0200

[…] may help rolfje.wordpress.com/2014/05/10/… – mark setchell may 31 ’15 @ […]

Reply
Julie Jones says:

Tuesday 2016-08-02 at 00:18 \0\Aug\GMT+0200 +0200

El Capitan: whole lotta no workie

Reply
Rohit says:

Wednesday 2017-02-01 at 15:24 \15\Feb\GMT+0200 +0200

How do I add a line to the pf.conf. I am a newbie to mac

Reply
rolfje says:

Wednesday 2017-02-01 at 21:54 \21\Feb\GMT+0200 +0200

The very first command in the article opens “vim”, an arcane text editor very commonly seen on Unix systems. You can use your arrow keys to move to the last line of the editor.

To add the line, press “Shift-A” (your cursor should now be at the end of the last line. press “Enter” and Copy/Paste the lines from the article in your terminal window.

To save the file and exit the editor, press “Esc”, then type “:wq” and hit “Enter”.

If this doesn’t work please find a good vim tutorial online, there are quite a few good ones out there.

(By the way I use vim regularly, but I’m not a fan. https://rolfje.wordpress.com/2008/04/05/the-vi-religion/ )
😉

Good luck!

Reply

Rolfje's blog