From 39b347edfd51eb3c2d11cd0eca711f2a4c9e8ca9 Mon Sep 17 00:00:00 2001 From: Koen Punt Date: Tue, 15 Dec 2015 16:53:33 +0100 Subject: [PATCH] add pf rule to main ruleset on El Capitan it appears it isn't possible to add a rule to a non-existing anchor. but binding to the main ruleset works fine. --- lib/templates/installer/cx.pow.firewall.plist.js | 2 +- src/templates/installer/cx.pow.firewall.plist.eco | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/templates/installer/cx.pow.firewall.plist.js b/lib/templates/installer/cx.pow.firewall.plist.js index e9f81bf..54a617e 100644 --- a/lib/templates/installer/cx.pow.firewall.plist.js +++ b/lib/templates/installer/cx.pow.firewall.plist.js @@ -49,7 +49,7 @@ module.exports = function(__obj) { __out.push(__sanitize(this.httpPort)); - __out.push('" | pfctl -a "com.apple/250.PowFirewall" -Ef -\n \n \n RunAtLoad\n \n UserName\n root\n\n\n'); + __out.push('" | pfctl -Ef -\n \n \n RunAtLoad\n \n UserName\n root\n\n\n'); }).call(this); diff --git a/src/templates/installer/cx.pow.firewall.plist.eco b/src/templates/installer/cx.pow.firewall.plist.eco index b7f1297..287eaa1 100644 --- a/src/templates/installer/cx.pow.firewall.plist.eco +++ b/src/templates/installer/cx.pow.firewall.plist.eco @@ -10,7 +10,7 @@ -c sysctl -w net.inet.ip.forwarding=1; - echo "rdr pass proto tcp from any to any port {<%= @dstPort %>,<%= @httpPort %>} -> 127.0.0.1 port <%= @httpPort %>" | pfctl -a "com.apple/250.PowFirewall" -Ef - + echo "rdr pass proto tcp from any to any port {<%= @dstPort %>,<%= @httpPort %>} -> 127.0.0.1 port <%= @httpPort %>" | pfctl -Ef - RunAtLoad