It’s not for me

It’s for a friend, honest: but does the lazyweb know a way to tweak the firewall in OS X so that all traffic on Port 80 is forbidden between midnight and 3.30pm, so that some work gets done?

This entry was posted in nördig. Bookmark the permalink.

5 Responses to It’s not for me

  1. I don’t know how to do it directly in the OS X firewall, but IPNetSentryX will do it at a price. I use some of Peter’s other software, and it’s good stuff.

    Alternatively (and free), use cron to run a shell script to alter firewall rules using the ipfw command.

    Cronnix is a free GUI for cron. ipfw is a little complicated, but if all you’re doing is allowing or denying port 80, the commands are simple enough.

  2. Sean says:

    Tweak the schedule settings in your router instead – couldn’t be easier, or easier to circumvent. In my experience the only real solution to this problem is to work somewhere with no connection to the internet at all, wired or otherwise – or else to give the router password to someone else. Then, of course, you’ll spend all day scrabbling around the house looking for bits of paper which might have passwords written on them. It strikes me that this really is all a bit like nicotine withdrawal; however creative your attempts to deny yourself, ubiquity is not on your side.

  3. acb says:

    It really isn’t me, Sean. I don’t write on a mac. And I don’t know about my friend’s router: my offers helpfully to examine it were rejected. As you say, a bit like nicotine withdrawal. Also, the friend’s neighbours leavce their wifi open.

    I was hoping for a settings file that could be flipped twice a day by a cron job: to someone innocent of unix, that would be entirely sufficient. But I don’t know what, if anything, is the settings file used.

  4. Shannon says:

    ipfw comes on osx; something like

    ipfw -q add 00700 deny tcp from any to any 80

    should do the trick, but you know, test it and stuff. your instincts about cron are right on 🙂 in the morning you’d want to run

    ipfw delete 00700

    in the morning. of course my BSD is so rusty as to have partially fallen off so I take no responsibility for the above being in any way accurate and a solid read of the man page is reccomended.

    http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html

  5. acb says:

    Shannon: Thank you so much for that. My friend will be enormously grateful hate you with a passion ignore this useful tip entirely. But at least we know how it should be done, and — tee hee — I could probably do it by remote control.

Comments are closed.