API to determine firewall settings in sandboxed app

My app is sandboxed and for one feature listens for an incoming connection on a user selected port. When the firewall is enabled and block incoming (all, this app, or signed apps) is enabled, I want to be able to not offer this feature with a brief explanation.

I tried using /usr/libexec/ApplicationFirewall/socketfilterfw but that fails when used in a sandboxed app. I have an XPC module, which is also sandboxed, and the call fails there as well. If I remove the sandbox from the XPC then the call succeeds but then is unable to communicate with the main app.

Is there an API to determine if the firewall is enabled and all connections blocked?

I've submitted a Feedback request (FB23378402) as well.

Answered by DTS Engineer in 895400022
Is there an API to determine if the firewall is enabled and all connections blocked?

No.

I've submitted a Feedback request (FB23378402) as well.

Thanks. That’s the best path forward for this.

And just to be clear, the output of socketfilterfw is not considered API, so there’s really no good solution to this problem even in a non-sandboxed app.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
