socketfilterfw(8) System Manager's Manual socketfilterfw(8)

socketfilterfwApplication Firewall daemon

socketfilterfw [-h] [--getglobalstate] [--setglobalstate on | off] [--getblockall] [--setblockall on | off] [--listapps] [--getappblocked path] [--blockapp path] [--unblockapp path] [--add path] [--remove path] [--getallowsigned] [--setallowsigned on | off] [--setallowsignedapp on | off] [--getstealthmode] [--setstealthmode on | off]

socketfilterfw is a daemon that gets launched on demand when the Application Firewall is enabled. There are also command-line options to change the Application Firewall behavior.

The command line options are as follows:

Display this help and exit.
Display if the firewall is enabled or not.
on | off
Turn the firewall on or off.
Show whether block all is enabled or not.
on | off
Enable or disable block all option.
Display a list of paths of added applications.
path
Show whether connections are blocked or not for the application at the indicated path.
path
Block the application at the indicated path.
path
Unblock the application at the indicated path.
path
Add the application at the indicated path to the firewall.
path
Remove the application at the indicated path from the firewall.
Show whether built-in and downloaded signed applications are to automatically receive incoming connections.
on | off
Set whether built-in signed applications are to automatically receive incoming connections or not.
on | off
Set whether downloaded signed applications are to automatically receive incoming connections or not.
Show whether stealth mode is on or not.
on | off
Set stealth mode on or off.
March 13, 2024 Mac OS X