


Let me say that again, because it cost me hours: turning pf on and then off again using IceFloor changes your system. Sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -a 69.23.0.45 -t 35īack to the instructions which Apple provides for enabling the adaptive firewall and then fixing the rules problem there are two extra things to know… First, there’s no need to panic when you see the following warnings, as these are normal:īut even more importantly for some people - and a long exercise in frustration if you happen to be me - is that if you have ever run the third-party pf front-end IceFloor, and you have used IceFloor to switch pf on and then off again, then as far as I can tell, IceFloor does not restore your system to the same state in which it began. Using an example taken straight from the man page, to add 69.23.0.45 to the blacklist for at least 35 minutes: You can check the man page for afctl to learn more about quickly adding or removing hosts from the blacklist. You are both enabling the packet filter pf - the more modern successor to the venerable ipfw - which is controlled with pfctl, and enabling the adaptive firewall, which is controlled with afctl. What’s happening here is actually two different things.
USING ICEFLOOR HOW TO
