Thursday, February 10, 2011

A Mac OS X firewall mystery

Where do I go to learn more about the implementation and behavior of the Mac OS X firewall?

I had a very strange situation recently; it will take a bit of time to explain, but maybe somebody can shed some light on what was happening?

Here's the situation:

  • I run Mac OS X 10.6.6, with all the latest patches

  • I also run VMware Fusion version 3.1.2 on my Mac

  • I have a variety of guest operating systems that I run in VMware



I was running a suite of client-server networking tests, with the server on a VMware guest, and the clients on my Mac host. The test harness is a script with lots and lots of client invocations; during a test case, we generally run a client which initiates a connection to the server, does some work, and then exits.

The behavior I saw was as follows:

  • The tests would occasionally run to completion, but usually they would run partway, then the network connection between the host and the VMware guest would be disrupted

  • When the disruption occurred, the host could continue to talk to other networked machines, both near and far.

  • And, the guest could continue to talk to other networked machines, both near and far.

  • But the host and guest were having trouble talking to each other.

  • If I simply waited for an hour or two, the network connection between the two machines would appear to "magically" repair itself. Or, rebooting the host would repair the connection (rebooting the guest was not enough).



After lots of configuration and experimentation, I discovered that disabling the Mac's built-in firewall software stops this problem from occurring.

But what I don't understand is: why? The firewall, as I understand it, is supposed to be controlling in-bound connections from other machines into my Mac. But in my test suite, all of the network connections that I was making were out-bound, from my Mac to my VMware guest. So why was the firewall involved in that network processing at all?

For now, it's a mystery, although happily one that I care much less about since I've figured out this workaround.

But it does leave me with that initial question: where do I go to learn more about the implementation and operation of the built-in firewall on Mac OS X 10.6.6?
