cubeSQL 5 and Mavericks/Yosemite Firewall (updated)

March 11th, 2015 | 2 Comments »

If you have firewall turned ON on your Mavericks/Yosemite system that you could have troubles running cubeSQL because its default 4430 port could be blocked by default.

Starting from Yosemite OS X 10.10 ipfw has been removed (ipfw was the previous Mac firewall that could be easily configured using command line parameters and it has been replaced by pfctl). pfctl seems to prefer configuration files to command line parameters, which I find frustrating and it is a bit more complicated to configure. The ideal solution would have been to have it automatically configured within cubeSQL Mac installer but there are so many options that I prefer to have your configuration rules not touched and leave that option to you.

As someone suggested you can use a couple of nice freeware utilities which are basically a fronted to the command line described below. My personal suggestion is for: Icefloor but I think that Murus should also work fine. The only required thing to do is just to open the default 4430 TCP port used by cubesql.

So here you go a step by step terminal instructions (mostly taken from http://tinyurl.com/lz5y2sb):

sudo vim /etc/pf.conf

Add this line to the config file (after the com.apple anchor is fine) where en0 is your ethernet adapter and port 4430 is the port you’re using in cubeSQL:

pass in on en0 proto tcp from any to any port 4430

This allows TCP data on port 4430 to pass into your machine via en0. This allows it from any IP address, but you could have changed the first mention of “any” to an IP address in order to only allow from a single IP address.

If you aren’t using a wired connection, you can change en0 to en1, or if you’re uncertain which adapter you’re using, run the following command to see which is active on your setup, noting which has a status of “active”:

ifconfig

Save the config file and run the following to reload the config file, and verify using verbose:

sudo pfctl -vnf pf.conf

I also ran this, just in case:

sudo pfctl -Rf pf.conf

Yes it is not easy nor intuitive but this is the only solution if you want to have your firewall turned ON on Mac. (I promise that I’ll try to find out a better and preferably automated way to setup the firewall.)

2 Responses to “cubeSQL 5 and Mavericks/Yosemite Firewall (updated)”

Leave a Reply

This field is required

This field is required