开发者

Objective-C: Check Firewall status in OSX?

问答 作者:

My objective-c app needs to be aware if the firewall in OSX is running, so it can tell the user to turn it off or create a开发者_StackOverflow new rule.

Also, is it possible to create rules directly from my app so users never need to handle networking issues?

John

I am writing a function that will provide you the status of OSX firewall :)

-(BOOL)getFirewallStatus{


    NSArray *paths = NSSearchPathForDirectoriesInDomains(NSLibraryDirectory, NSSystemDomainMask, YES);

    NSString *path = [paths objectAtIndex:0];

    path = [NSString stringWithFormat:@"%@/%@",path,@"Preferences/com.apple.alf.plist"];

    path = [path stringByReplacingOccurrencesOfString:@"/System"
                                           withString:@""];




    NSDictionary* _dictionary = [[NSMutableDictionary alloc] initWithContentsOfFile:path];


    // firewall status
    int status = [[_dictionary valueForKey:@"globalstate"] integerValue];

    if (status == 0)
    {
        return NO;
    }

    return  YES;
}

If your application is being run by the user (i.e., double-clicked in the Finder), any attempt by your application to create a socket listener will prompt the user to allow/deny that listener - and subsequently adjust the firewall settings accordingly - without any programmatic intervention on the part of your application.

If the firewall in question is your router (a problem I recently had to deal with), you have a few options. The best supported option is Bonjour/mDNSResponder (as long as you don't want to support a double-nat'ed situation). Apple provides an Objective-C wrapper application around the rather obtuse dns_sd.h:

http://developer.apple.com/library/mac/#samplecode/PortMapper/Introduction/Intro.html#//apple_ref/doc/uid/DTS40007879-Intro-DontLinkElementID_2

Going the 3rd party route, take a look at TCM Port Mapper. It uses some deprecated features and it'll take a bit of effort to get it running with ARC support (if that's important to you).

http://code.google.com/p/tcmportmapper/

Both support UPnP and NAT-PMP.

Finally, if your application is running as a daemon (without a user interface), you're going to have to become acquainted with ipfw. Brace yourself. Google for "ipfw os x". StackOverflow is preventing me from posting more than two links. Brilliant.

Hope this helps....

继续阅读:cocoafirewallmacosobjective-c

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9