当前位置:theitroad>macos 如何让 Mac OS X 防火墙永久允许我的 iOS 应用程序?

macos 如何让 Mac OS X 防火墙永久允许我的 iOS 应用程序?

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/9845502/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-10-21 09:00:07  来源:igfitidea点击:

How do I get the Mac OS X Firewall to permanently allow my iOS app?

iosmacosfirewall

提问by OldPeculier

I'm writing an iOS app that acts as, among other things, a telnet server. Naturally, it begins listening for connections as soon as it starts.

我正在编写一个 iOS 应用程序,除其他外,它充当 telnet 服务器。自然地,它一开始就开始侦听连接。

When I run the app in the Simulator, Mac OS X (I happen to be on 10.7.3) prompts me to Allow or Deny my application to accept incoming network connections. This is the standard Firewall message that Mac OS X uses for all unsigned, networked applications.

当我在模拟器中运行应用程序时,Mac OS X(我碰巧在 10.7.3 上)提示我允许或拒绝我的应用程序接受传入的网络连接。这是 Mac OS X 用于所有未签名的联网应用程序的标准防火墙消息。

I grow weary of clicking "Allow" fifty or more times a day, and so I seek a way of permanently adding my app to the Firewall's list of permitted apps.

我厌倦了每天点击“允许”五十次或更多次,因此我寻求一种方法将我的应用程序永久添加到防火墙的允许应用程序列表中。

I've tried the following.

我试过以下。

  1. Open Activity Monitor while my app is running.
  2. Select my app. Click "Inspect".
  3. Go to the Open Files and Ports tab. One of the first lines is the precise path to my app. Copy and paste this path.
  4. Open the Firewall... Advanced settings.
  5. Click the + (add) button.
  6. Browse to the application path and select it, thus adding it to the list of applications for which incoming connections are allowed.
  1. 在我的应用程序运行时打开活动监视器。
  2. 选择我的应用程序。单击“检查”。
  3. 转到打开文件和端口选项卡。第一行之一是我的应用程序的精确路径。复制并粘贴此路径。
  4. 打开防火墙...高级设置。
  5. 单击 +(添加)按钮。
  6. 浏览到应用程序路径并选择它,从而将其添加到允许传入连接的应用程序列表中。

In the last step there's a significant decision. You could add either the .app application package, or Show Contents on that package and add the "Unix executable" within. I've tried both approaches.

在最后一步有一个重要的决定。您可以添加 .app 应用程序包,或在该包上显示内容并在其中添加“Unix 可执行文件”。这两种方法我都试过了。

Interestingly, Firewall will in fact stop warning you about the app—for a while.After a few runs, however—it isn't clear to me what event actually causes this change, but it happens within half an hour or so for me, generally speaking—Firewall begins warning about the app again.

有趣的是,防火墙实际上会在一段时间内停止警告您有关该应用程序的信息。然而,经过几次运行后——我不清楚究竟是什么事件导致了这种变化,但对我来说,它发生在半小时左右,一般来说——防火墙再次开始警告应用程序。

How do I set Firewall to permanently Allow my iOS app?

如何将防火墙设置为永久允许我的 iOS 应用程序?

Naturally, I could bypass this whole problem by disabling the Mac OS X firewall. I could also avoid ever again getting a splinter in my foot by chopping it off. Neither of these courses of action recommend themselves to me.

当然,我可以通过禁用 Mac OS X 防火墙来绕过整个问题。我也可以通过砍掉它来避免再次在我的脚上留下碎片。这些行动方案都没有向我推荐。

What would you suggest?

你有什么建议?

采纳答案by OldPeculier

After dabbling with this for some time, I found that manually adding the executable itself to the Firewall "Allow" list gives the desired result. You don't add the .app, but rather the "Unix" executable inside the .app's Contents folder. I believed I had tried this file before without success, but currently it's working.

在尝试了一段时间后,我发现将可执行文件本身手动添加到防火墙“允许”列表中可以得到所需的结果。您不添加 .app,而是添加 .app 的 Contents 文件夹中的“Unix”可执行文件。我相信我之前尝试过这个文件但没有成功,但目前它正在工作。

回答by ishahak

So we want to suppress the following dialog

所以我们要抑制下面的对话框

Do you want the application “NNN.app” to accept incoming network connections?

您是否希望应用程序“NNN.app”接受传入的网络连接?

which appear on every activation of the Xcode iOS simulator. I believe there is now a solution for that. Basing my answer on thisblog.

它出现在每次激活Xcode iOS 模拟器时。我相信现在有一个解决方案。我的回答基于博客。

Simply run the following commands in a Terminal window:

只需在终端窗口中运行以下命令:

#temporarily shut firewall off:
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate off

#put Xcode as an exception:
/usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/Xcode.app/Contents/MacOS/Xcode

#put iOS Simulator as an exception:
/usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/Xcode.app/Contents/Developer/Applications/Simulator.app/Contents/MacOS/Simulator

#re-enable firewall:
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on

For me it worked. Please note simulator address is according to Xcode 8.

对我来说它奏效了。请注意模拟器地址根据 Xcode 8。

回答by blahdiblah

I think the best solution might be to script the process of okaying your app to the firewall.

我认为最好的解决方案可能是编写允许您的应用程序进入防火墙的过程。

If I recall correctly, the latest OSX firewall is actually clever about identifying apps and fingerprints the allowed binaries. This prevents the surprisingly effective tactic of just naming your malware "system32.exe" &c to evade the firewall. If that's the case, your app will be (correctly) blocked for not being the same binary that was okayed, and there's not really any way around it.

如果我没记错的话,最新的 OSX 防火墙实际上很聪明,可以识别允许的二进制文件的应用程序和指纹。这可以防止仅将您的恶意软件命名为“system32.exe”等令人惊讶的有效策略来逃避防火墙。如果是这种情况,您的应用程序将(正确地)因与通过的二进制文件不同而被(正确)阻止,并且实际上没有任何解决办法。

So, try scripting the firewall allowing process and incorporate that into the build process.

因此,尝试编写防火墙允许过程的脚本并将其合并到构建过程中。

回答by Blaz

I never had luck with manually adding the executable to the firewall's allowed-list. Here's a solution using an automated mouse click:

我从来没有手动将可执行文件添加到防火墙的允许列表中。这是使用自动鼠标单击的解决方案:

  1. Download CLIclick. (Thank you Carsten.)
  2. Put it in a suitable location, say /usr/local/bin.
  3. Get the Allowbutton's screen coordinates using ??4. (In my example, these are x: 750, y: 600.)

  4. Create a script with this content (the w:is the wait time in ms):

    /usr/local/bin/cliclick c:750,600 w:1500 m:+0,+0 c:.

    (I couldn't get CLIclickto work without "moving" it to the same location (the m:+0,+0part) and clicking again at the same spot with c:..)

  5. Open Xcode's Preferences / Behaviorsand add the above script. enter image description here
  6. Enjoy!
  1. 下载CLIclick。(谢谢卡斯滕。)
  2. 把它放在合适的位置,比如说/usr/local/bin
  3. 使用 获取Allow按钮的屏幕坐标??4。(在我的示例中,这些是 x:750,y:600。)

  4. 使用此内容创建一个脚本(w:以毫秒为单位的等待时间):

    /usr/local/bin/cliclick c:750,600 w:1500 m:+0,+0 c:.

    (如果不将CLIclick其“移动”到同一位置(m:+0,+0零件)并使用 再次单击同一位置,我就无法开始工作c:.。)

  5. 打开 XcodePreferences / Behaviors并添加上面的脚本。 在此处输入图片说明
  6. 享受!

回答by user4473959

I don't know if it is the right way but for me worked.

我不知道这是否是正确的方法,但对我来说是有效的。

  1. Turn off the firewall
  2. Connect with the iphone app to your mac
  3. Check if everything in the connection working
  4. Turn on the firewall
  1. 关闭防火墙
  2. 将 iphone 应用程序连接到您的 mac
  3. 检查连接中的一切是否正常
  4. 开启防火墙

相关推荐

macos 将 TextMate 设置为 Mac OS X 上的默认文本编辑器

macos 将 TextMate 设置为 Mac OS X 上的默认文本编辑器

macos Mac 终端在通过 SSH 使用 PPK 时不断询问密码

macos Mac 终端在通过 SSH 使用 PPK 时不断询问密码

macos 如何在 Mac OS X 中生成核心转储?

macos 如何在 Mac OS X 中生成核心转储?

macos 我真的需要 libgcc 吗?

macos 我真的需要 libgcc 吗?

相关推荐
最近更新
标签