FireWall was OFF??

Joined
May 24, 2011
Messages
496
Reaction score
2
Points
18
Location
New York City
Your Mac's Specs
MacBook Pro 16 Inch 2019 MacOS Catalina 10.15.3 (19D76)
I just realized my FireWall was off on my OSX Mac. Unless it was on. I went to the systems preferences and to security and privacy and saw that the Firewall was off. :( I was checking my online accounts. Was this a big blunder? Or is this firewall a back up to another firewall that is already build into OSX? Should I be worried?
 
Joined
Jan 20, 2012
Messages
5,053
Reaction score
414
Points
83
Location
North Carolina
Your Mac's Specs
Air M2 ('22) OS 14.3; M3 iMac ('23) OS 14.3; iPad Pro; iPhone 14
Firewalls have been a topic of discussion in the forum and also of some debate. If you are behind a hardware firewall, such as your router (or device provided by your ISP), then activating the OS X firewall (which is OFF by default) might be redundant and not needed, and some would suggest potentially cause conflicts (plenty on the web if you care to google, such as HERE).

OTOH, if you are using an OS X laptop in an 'open' public hotspot, then the Apple OS firewall should certainly be activated. For myself, I have turned ON the built-in OS firewall on my Mac computers despite being behind an AirPort Extreme router; others on the forum have stated the same and apparently have not had issues.

SO, if you are behind a router, then firewall protection should be adequate, but if you want to turn on the Apple firewall, probably will not make much of a difference - I'm sure others will 'chime in' w/ their own opinions. Dave :)
 
M

MacInWin

Guest
Good summary, Dave! I also keep my firewall on and see no conflicts with mi wifi ISP router.

For the OP, you should be okay if you are doing the banking at home, on your router. But if you were in a public spot...don't, just don't.
 
OP
MacLover2011
Joined
May 24, 2011
Messages
496
Reaction score
2
Points
18
Location
New York City
Your Mac's Specs
MacBook Pro 16 Inch 2019 MacOS Catalina 10.15.3 (19D76)
Thanks for the feedback RadDave and MacInWin.
 
C

chas_m

Guest
As pointed out above, turning on the software firewall when you are already behind a hardware firewall can cause very difficult-to-nail-down issues. There's a reason why it is off by default, and that's because there are KNOWN PROBLEMS with doing so. Saying that "well I'm running it and no problems here" is like saying "well I drive home drunk all the time and I've never had an accident."
 
OP
MacLover2011
Joined
May 24, 2011
Messages
496
Reaction score
2
Points
18
Location
New York City
Your Mac's Specs
MacBook Pro 16 Inch 2019 MacOS Catalina 10.15.3 (19D76)
As pointed out above, turning on the software firewall when you are already behind a hardware firewall can cause very difficult-to-nail-down issues. There's a reason why it is off by default, and that's because there are KNOWN PROBLEMS with doing so. Saying that "well I'm running it and no problems here" is like saying "well I drive home drunk all the time and I've never had an accident."

Thanks for the feedback. Can you give me some sort of examples on what kinds of problems one might experience?
 
Joined
Jan 20, 2012
Messages
5,053
Reaction score
414
Points
83
Location
North Carolina
Your Mac's Specs
Air M2 ('22) OS 14.3; M3 iMac ('23) OS 14.3; iPad Pro; iPhone 14
Thanks for the feedback. Can you give me some sort of examples on what kinds of problems one might experience?

Hi MacLover.... - I hope that Chas_m and some of our IT professionals post some definitive information on this topic because the subject remains confusing to a non-IT expert such as myself although I've been reading about and trying to understand the interaction of firewalls w/ web traffic for a long time.

BUT, keep in mind that there are thousands of 'ports' that permit information from elsewhere to enter or exit your computer - kind of like thinking of a large hotel w/ numerous windows - these may be closed or opened, if the latter one can come in or get out, so 'firewalls' are meant to prevent 'incoming' traffic from entering and 'outgoing' traffic from exiting. Thus, firewalls may be managing one or the other of these traffic directions (or both, I guess, depending on the hardware/software).

A main issue in running 'multiple' firewalls is whether there are conflicts in managing these ports, e.g. maybe your router's firewall wants to prevent incoming traffic from somewhere and the OS X firewall allows the traffic - one can only imagine the potential issues w/ the number of ports that exist on a computer (64K, I believe although apparently only the first 1K or more are the important ones).

I'll simply stop there and hope our IT pros will 'chime in' to help clarify this topic at least partially - I've had my two Macs for 18 months - had the OS X firewall (FW) OFF the first half of that ownership (both computers behind my AirPort Extreme) - I activated the OS FWs earlier this year and have not noticed any problems and change in behaviour - I would suspect that if the FWs are acting similarly that is what one would expect? Dave :)
 
Last edited:

chscag

Well-known member
Staff member
Admin
Joined
Jan 23, 2008
Messages
65,248
Reaction score
1,833
Points
113
Location
Keller, Texas
Your Mac's Specs
2017 27" iMac, 10.5" iPad Pro, iPhone 8, iPhone 11, iPhone 12 Mini, Numerous iPods, Monterey
The firewall built into modern routers will block certain incoming traffic only. The software firewall provided by Apple will also block outgoing traffic. Once you turn on the software firewall, it will notify you if an application or process is generating outgoing traffic and also notify you of incoming traffic. In my opinion, there's no harm turning on the Apple software firewall. Just because Apple sets it to off on new installations does not mean it should always be off. Apple leaves the firewall decision up to you the user. And just for the record, I have in the past had both firewalls on and have never run into any problems or conflicts.
 
M

MacInWin

Guest
+1 here for the router and software firewalls working well together. Been that way for years with no conflicts. Doesn't mean it cannot happen, just that is has not for me.
 

cwa107


Retired Staff
Joined
Dec 20, 2006
Messages
27,042
Reaction score
812
Points
113
Location
Lake Mary, Florida
Your Mac's Specs
14" MacBook Pro M1 Pro, 16GB RAM, 1TB SSD
I am one of those paranoid folks who very deliberately enabled the software firewall on every machine I own. I never had any issues that were directly attributable to the firewall. That said, there are certainly some services like file & print sharing, Bonjour, Back to My Mac and others that can be impacted by the firewall configuration. So, if you're not entirely comfortable troubleshooting network issues, you might want to just leave it off.

One important note, however.... OS X, by default, does not respond on any well known ports, even with the firewall disabled. So, it's not like you're completely unshielded with it turned off.
 
C

chas_m

Guest
cwa107 covers most of what I was going to say, but there are also known issues with iTunes services, iChat/iMessage, networking/VPN and other programs that want to open specific ports for certain uses.

Bottom line: leave it off unless you have a specific reason not to.
 

pbd


Joined
Jul 17, 2014
Messages
57
Reaction score
1
Points
8
I got my first Macbook a couple of months ago. When I stumbled across the firewall I was surprised to see that it was off. Coming from Windows (as you do) I would have thought that it was on by default. I posted here and was told not to be concerned and that was perfectly normal. Anyway, I heard the advice of experienced users but in the end I switched it on. It's there and is not interfering with my use of the Macbook so it might as well be on as off.
 

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
Bottom line: leave it off unless you have a specific reason not to.
You could just open those ports and get around this issue altogether. In fact, the firewall software built in (as I understand it, Apple doesn't use ipfw anymore) prompts you to open ports if one needs to be opened.
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top