NAME

socketfilterfw — Application Firewall daemon

SYNOPSIS

DESCRIPTION

socketfilterfw is a daemon that gets launched on demand when the Application Firewall is enabled. There are also command-line options to change the Application Firewall behavior.

OPTIONS

The command line options are as follows:

-h

Display this help and exit.

-d

Turn on debugging.

-l

Do logging and run in daemon mode.

-k

Kill daemon.

--getglobalstate

Display if the firewall is enabled or not.

--setglobalstate on | off

Turn the firewall on or off.

--getblockall

Show whether block all is enabled or not.

--setblockall on | off

Enable or disable block all option.

--listapps

Display a list of paths of added applications.

--getappblocked path

Show whether connections are blocked or not for the application at the indicated path.

--blockapp path

Block the application at the indicated path.

--unblockapp path

Unblock the application at the indicated path.

--add path

Add the application at the indicated path to the firewall.

--remove path

Remove the application at the indicated path from the firewall.

--getallowsigned

Show whether built-in and downloaded signed applications are to automatically receive incoming connections.

--setallowsigned

Set whether built-in signed applications are to automatically receive incoming connections or not.

--setallowsignedapp

Set whether downloaded signed applications are to automatically receive incoming connections or not.

--getstealthmode

Show whether stealth mode is on or not.

--setstealthmode on | off

Set stealth mode on or off.

--getloggingmode

Show whether logging is on or not.

--setloggingmode on | off

Set logging to on or off.

--getloggingopt

Show logging option.

--setloggingopt throttled | brief | detail

Set logging option.