Firewalls are essential components for securing any computer system by controlling incoming and outgoing network traffic based on predetermined security rules. On macOS, the built-in firewall can be configured to enhance the security of your system. This article will guide you through the process of configuring the firewall on macOS using the command line, which is particularly useful for advanced users and system administrators who prefer or need to automate this task.

Examples:

1. Enabling the Firewall:
To enable the firewall on macOS via the command line, you can use the defaults command to modify the firewall settings.

   sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on

This command turns on the macOS firewall.

2. Adding Applications to the Firewall:
You can allow specific applications to receive incoming connections by adding them to the firewall's list of allowed apps.

   sudo /usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/YourApp.app

   sudo /usr/libexec/ApplicationFirewall/socketfilterfw --unblockapp /Applications/YourApp.app

Replace /Applications/YourApp.app with the path to the application you want to allow.

3. Blocking All Incoming Connections:
To block all incoming connections except those required for basic internet services, use the following command:

   sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setblockall on

This command enhances security by preventing any unsolicited incoming connections.

4. Logging Firewall Activity:
For monitoring and troubleshooting purposes, you might want to enable logging of firewall activity.

   sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setloggingmode on

This command enables logging, which can be viewed in the Console application under the "firewall.log" file.

5. Checking Firewall Status:
To check the current status of the firewall, use:

   sudo /usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate

This command will return the current state of the firewall (on or off).