Re: [Dovecot] dovecot - mac firewall problem
Hi, I am running dovecot 1.2.11 on mac osx 1.5.8. Everything works perfectly with the application-level firewall off, but enabling the application firewall prevents dovecot connections. I have tried explicitly authorizing dovecot in the firewall, but it does not work. I have searched everywhere I can think of to look, and haven't found a solution, but have seen a couple other reports of what seems to be the same problem. The firewall logs the activity with what looks like a corrupt process name: a typical appfirewall.log entry looks like:
Aug 26 20:43:45 hostname Firewall[55]: Deny ^L connecting from XX.XX.XX.XX:37310 uid = 0 proto=6 Aug 26 20:43:53 hostname Firewall[55]: Deny ^H?^U???^Z connecting from XX.XX.XX.XX:37310 uid = 0 proto=6 Aug 26 20:44:09 hostname Firewall[55]: Deny ^L connecting from XX.XX.XX.XX:37310 uid = 0 proto=6 Aug 26 20:44:34 hostname Firewall[55]: Deny ^L connecting from XX.XX.XX.XX:37312 uid = 0 proto=6 Aug 26 20:44:45: --- last message repeated 6 times ---
where "hostname" is my server name and the XX's are my client's IP address. For all of the other services I've used, the process name (e.g. dovecot) should appear after "Deny" when blocking traffic, instead of the funny characters. Any advice on how I could resolve this issue would be greatly appreciated. Thanks!
The application level firewall in OSX is aimed at _client_ use, not server use. It's similar to Novell's AppArmor, etc. Leave it turned off.
Simply because a piece of software (in this case an OS) offers any given option does not mean every system needs it. Can you offer a compelling reason why you _need_ the OSX application level firewall enabled? Please point us to documentation that advises using it for any of your services/daemons.
-- Stan
Hi was hoping to use the application firewall because this machine gets used both as a server as well as a client machine for more general use. I haven't been able to find any specific documentation for it, but I have found that the firewall works fine with postfix and several file services I use (enabling/disabling works as expected, process names get logged as expected, etc). Thanks!
Patrick
Patrick Fay put forth on 8/28/2010 7:15 AM:
Hi was hoping to use the application firewall because this machine gets used both as a server as well as a client machine for more general use. I haven't been able to find any specific documentation for it, but I have found that the firewall works fine with postfix and several file services I use (enabling/disabling works as expected, process names get logged as expected, etc). Thanks!
So, you're running Dovecot and Postfix on a laptop? WTF?
-- Stan
participants (2)
-
Patrick Fay
-
Stan Hoeppner