Enable PF at boot with in El Capitan + SIP

Affichage de 12 messages sur 2
Enable PF at boot with in El Capitan + SIP Doug Niven 23/10/15 22:01
Hi Folks,

The following steps worked great to load the PF firewall at boot with the additional -e flag (to enable) in Yosemite, Mavericks, perhaps older OSes:

        sudo defaults write /System/Library/LaunchDaemons/com.apple.pfctl ProgramArguments '(pfctl, -f, /etc/pf.conf, -e)'
        sudo chmod 644 /System/Library/LaunchDaemons/com.apple.pfctl.plist
        sudo plutil -convert xml1 /System/Library/LaunchDaemons/com.apple.pfctl.plist

However, SIP prevents changes to /System/Library/LaunchDaemons/com.apple.pfctl.plist so I’m wondering how else this could be done without disabling SIP?

Cheers, Doug

_____________________________________________________
MacEnterprise, Inc
http://www.macenterprise.org

Subscription Options and Archives
http://lists.psu.edu/archives/macenterprise.html
Re: Enable PF at boot with in El Capitan + SIP Greg Neagle 24/10/15 11:13
Create a new Launchd plist at /Library/LaunchDaemons with the desired contents. Load that, or reboot.

Sent from my iPhone