Sequoia firewall: unable to edit some entries

Since upgrading to Sequoia, I noticed some entries in Network > Firewall > Options... are no longer editable: some apps are stuck, and I'm unable to change their settings to allow/block or delete the entries. The command line `/usr/libexec/ApplicationFirewall/socketfilterfw` also does not work on these apps. See the screenshot: apps like Zoom and Things do not have the ↕️ next to allow/block, and for them the delete (-) button and right click also do not work.


The release notes said that the firewall has some deprecation changes and the settings are no longer in the alf plist. Where are they now, so I can reset the settings? Thanks!



MacBook Pro (M1, 2020)

Posted on Sep 16, 2024 1:44 PM

Question marked as Top-ranking reply

Posted on Sep 27, 2024 9:41 AM

etresoft wrote:


gunnarstahl wrote:

I just came back from a support call with Apple Support. And they confirmed exactly what I said. The application firewall should be enabled and active. And when I have to choose between some random guy on the 'net and an Apple Support person, well, I know whom to trust.
It's not a matter of trust. In this case, if that's what they told you, then Apple Support is factually incorrect. The firewall is disabled by default. It's Apple that ships it turned off. If Apple Support has a problem with that, they should take it up with Apple.
Currently it seems that the application filter is broken and that it is a critical bug Apple is working on. It is expected to be solved in an update.
Oh, it's most definitely broken. Is it a critical bug? Is Apple working on it? Will it be solved in an update? I'm very skeptical about all of those.

In order to make the application firewall something that is better than its current state of "worse than useless", it would need a fundamental re-write from top to bottom. That's definitely not happening. The problem might not even be in the firewall. It could be a lower-level problem with networking. Apple never noticed this during development because nobody at Apple runs the application firewall.

The fix for the current problem is clear - disable the firewall. This does not harm your security in any way. This is the default setting. You can certainly try it again whenever Apple releases an update. Apple has publicly said that 15.1 is going to be released in October. Maybe they will include a fix with that build.

Yes, it is a matter of trust. In fact, I urge anyone having a valid AppleCare contract to use the support hotline so that they can confirm how to deal with the firewall. And to be quite frank: I find your take on the firewall not only to be wrong but rather to be harmful. Whether or not you like the Apple firewall settings or are under the impression that it does not help, the fact that you try to make others turn their firewall off is irresponsible.


Yes, currently it doesn't work as intended. And Apple's decision to deliver the firewall in a turned-off setting is questionable, to say the least. But going on a public forum and urging people to generally turn the firewall off is ridiculous.


I will not answer any more to this discussion, since I've made myself sufficiently clear.

33 replies

Nov 26, 2024 6:36 AM in response to aoimame

This issue still persists in 15.1.1. When will Apple fix this?


`/usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/<ApplicationName>.app`

This command works as a workaround to ALLOW incoming connections, but there is no equivalent to REMOVE/BLOCK that would work. This issue introduces security risks, and it is ridiculous that Apple did not address it yet!


