NAME

socketfilterfw — Application Firewall daemon

SYNOPSIS

socketfilterfw [-h] [--getglobalstate] [--setglobalstate on | off] [--getblockall] [--setblockall on | off] [--listapps] [--getappblocked path] [--blockapp path] [--unblockapp path] [--add path] [--remove path] [--getallowsigned] [--setallowsigned] [--setallowsignedapp] [--getstealthmode] [--setstealthmode on | off]

DESCRIPTION

socketfilterfw is a daemon that gets launched on demand when the Application Firewall is enabled. There are also command-line options to change the Application Firewall behavior.

OPTIONS

The command line options are as follows:

-h: Display this help and exit.
--getglobalstate: Display if the firewall is enabled or not.
--setglobalstate on | off: Turn the firewall on or off.
--getblockall: Show whether block all is enabled or not.
--setblockall on | off: Enable or disable block all option.
--listapps: Display a list of paths of added applications.
--getappblocked path: Show whether connections are blocked or not for the application at the indicated path.
--blockapp path: Block the application at the indicated path.
--unblockapp path: Unblock the application at the indicated path.
--add path: Add the application at the indicated path to the firewall.
--remove path: Remove the application at the indicated path from the firewall.
--getallowsigned: Show whether built-in and downloaded signed applications are to automatically receive incoming connections.
--setallowsigned: Set whether built-in signed applications are to automatically receive incoming connections or not.
--setallowsignedapp: Set whether downloaded signed applications are to automatically receive incoming connections or not.
--getstealthmode: Show whether stealth mode is on or not.
--setstealthmode on | off: Set stealth mode on or off.