Firewalls block network traffic before they can be passed up the TCP/IP stack and used by active processes and daemons on your system. The Mac OS X built-in firewall GUI and command-line tool ipfw can be used to create a personal firewall for your workstation. Alternatively, Internet Sharing via natd can provide protection to an entire network by using IP masquerading (NAT) connections behind a single Mac OS X machine.
In some cases, setting up a Mac OS X firewall may not be the appropriate solution for your network. Consumer and commercial firewall solutions exist that don't require any configuration of your Mac. For those wanting an enterprise-worthy solution without a high cost of ownership, Linux can be used to create a transparent bridging firewall for the price of an old PC and two network cards.
Top |