enabling access to MacPorts apache2 through the Lion firewall
Mr. Puneet Kishor
punk.kish at gmail.com
Mon Sep 19 05:04:45 PDT 2011
On Sep 19, 2011, at 2:56 AM, Keith J. Schultz wrote:
> Hi Puneet,
> Have you gone into the system preferences and turned on web-sharing.
System Preferences based web sharing controls Apple supplied apache2 (sitting under /usr/sbin). It does not control the httpd (apache) installed by MacPorts under /opt/local/apache2. My feeling is that perhaps allowing incoming connections for /opt/local/apache2/bin/httpd is not enough to completely open up web serving via the application level firewall (ALF).
> You may need to turn to adjust you fire wall under the security settings.
Yup. I already know that, but I am not sure how. The ALF has minimal guy controls, and not too flexible command line controls. I will experiment more today (when I am physically in front of the computer in question), and report back.
> It could be that you might need Lion Server , though I am not sure.
No, I certainly do not need Lion Server. The desktop has mostly identical server software. Lion Server is only needed if one is actually acting as a server for other clients, and wanting to use Apple's gui for controlling various aspects of it. I can do most all I need with Lion desktop.
> Am 17.09.2011 um 19:32 schrieb Mr. Puneet Kishor:
>> This is not exactly a MacPorts question, but kinda related since I am using MacPorts apache2 instead of the factory supplied version, and I figured one of you might know the answer. I have the apache2 port installed at /opt/local/apache2 on my Lion iMac. I have the firewall turned on, and even though the app is listed as allowing incoming connections, I can't get to the iMac if the firewall is on. If I turn off the firewall, the web server works fine.
>> My question -- is there any other app besides httpd that needs to accept incoming connection in order to allow httpd to work?
>> $sudo /usr/libexec/ApplicationFirewall/socketfilterfw --unblockapp \
>> 2011-09-17 12:21:44.041 socketfilterfw[40441:d07] CFURLCreateWithBytes
>> was passed these invalid URLBytes: '/opt/local/apache2/bin/httpd
>> Incoming connection to the application is permitted
>> So, the problem could be related to the error message that "CFURLCreateWithBytes was passed these invalid URLBytes: '/opt/local/apache2/bin/httpd" (note the missing closing single quote)
>> Nevertheless, the following command lists httpd as accepting incoming connections.
>> $sudo /usr/libexec/ApplicationFirewall/socketfilterfw --listapps
>> ALF: total number of apps = 7
>> 3 : /opt/local/apache2/bin/httpd
>> ( Allow incoming connections )
>> Yet, if I turn on the firewall, the web server is unreachable.
>> macports-users mailing list
>> macports-users at lists.macosforge.org
More information about the macports-users