enabling access to MacPorts apache2 through the Lion firewall

Mr. Puneet Kishor punk.kish at gmail.com
Mon Sep 19 05:04:45 PDT 2011 

On Sep 19, 2011, at 2:56 AM, Keith J. Schultz wrote:

> Hi Puneet,
> 
> Have you gone into the system preferences and turned on web-sharing. 


System Preferences based web sharing controls Apple supplied apache2 (sitting under /usr/sbin). It does not control the httpd (apache) installed by MacPorts under /opt/local/apache2. My feeling is that perhaps allowing incoming connections for /opt/local/apache2/bin/httpd is not enough to completely open up web serving via the application level firewall (ALF).

> You may need to turn to adjust you fire wall under the security settings.


Yup. I already know that, but I am not sure how. The ALF has minimal guy controls, and not too flexible command line controls. I will experiment more today (when I am physically in front of the computer in question), and report back.

> 
> It could be that you might need Lion Server , though I am not sure.

No, I certainly do not need Lion Server. The desktop has mostly identical server software. Lion Server is only needed if one is actually acting as a server for other clients, and wanting to use Apple's gui for controlling various aspects of it. I can do most all I need with Lion desktop.



> 
> regards
> 	Keith.
> 
> Am 17.09.2011 um 19:32 schrieb Mr. Puneet Kishor:
> 
>> This is not exactly a MacPorts question, but kinda related since I am using MacPorts apache2 instead of the factory supplied version, and I figured one of you might know the answer. I have the apache2 port installed at /opt/local/apache2 on my Lion iMac. I have the firewall turned on, and even though the app is listed as allowing incoming connections, I can't get to the iMac if the firewall is on. If I turn off the firewall, the web server works fine.
>> 
>> My question -- is there any other app besides httpd that needs to accept incoming connection in order to allow httpd to work?
>> 
>>   $sudo /usr/libexec/ApplicationFirewall/socketfilterfw --unblockapp \
>>     /opt/local/apache2/bin/httpd
>>   2011-09-17 12:21:44.041 socketfilterfw[40441:d07] CFURLCreateWithBytes 
>>   was passed these invalid URLBytes: '/opt/local/apache2/bin/httpd
>>   Incoming connection to the application is permitted
>> 
>> 
>> So, the problem could be related to the error message that "CFURLCreateWithBytes was passed these invalid URLBytes: '/opt/local/apache2/bin/httpd" (note the missing closing single quote)
>> 
>> 
>> Nevertheless, the following command lists httpd as accepting incoming connections.
>> 
>> $sudo /usr/libexec/ApplicationFirewall/socketfilterfw --listapps
>> ALF: total number of apps = 7 
>> 
>> ..
>> 
>> 3 :  /opt/local/apache2/bin/httpd 
>> 	 ( Allow incoming connections )
>> 
>> 
>> Yet, if I turn on the firewall, the web server is unreachable.
>> 
>> Suggestions?
>> _______________________________________________
>> macports-users mailing list
>> macports-users at lists.macosforge.org
>> http://lists.macosforge.org/mailman/listinfo.cgi/macports-users
>

More information about the macports-users mailing list