Firewall¶
Template
Available in macOS 10.12 and later. A Firewall payload manages the Application Firewall settings accessible in the Security Preferences pane. Note these restrictions:
- The payload must exist in a system-scoped profile.
- If more than one profile contains this payload, the most restrictive union of settings will be used.
Warning
Apple claims that: The “Automatically allow signed downloaded software” and “Automatically allow built-in software” options are not supported, but both will be forced ON when this payload is present. However those options are not changed when the payload is installed. Only the UI is greyed out.
Contents
Summary¶
| PayloadType: | com.apple.security.firewall |
|---|---|
| Supervised Only: | |
| N/A | |
| macOS: | 10.12 |
| macOS Deprecated: | |
| N/A | |
| iOS: | N/A |
| iOS Deprecated: | N/A |
| Highlander: | N/A |
Keys¶
EnableFirewall¶
Enable Firewall
Required. Whether the firewall should be enabled or not.
| Type | Default | Required | Regex | iOS | macOS | Supervised |
|---|---|---|---|---|---|---|
| boolean | N/A | N/A | N/A | N/A | N/A | N/A |
BlockAllIncoming¶
Block All Incoming
Optional. Corresponds to the “Block all incoming connections” option.
| Type | Default | Required | Regex | iOS | macOS | Supervised |
|---|---|---|---|---|---|---|
| boolean | N/A | N/A | N/A | N/A | N/A | N/A |
EnableStealthMode¶
Enable Stealth Mode
Optional. Corresponds to “Enable stealth mode.”
| Type | Default | Required | Regex | iOS | macOS | Supervised |
|---|---|---|---|---|---|---|
| boolean | N/A | N/A | N/A | N/A | N/A | N/A |
Applications¶
Applications
Optional. The list of applications
| Type | Default | Required | Regex | iOS | macOS | Supervised |
|---|---|---|---|---|---|---|
| array | N/A | N/A | N/A | N/A | N/A | N/A |
Each item in the applications list contains these keys: