| Enable PF at boot with in El Capitan + SIP | Doug Niven | 23/10/15 22:01 | Hi Folks,
The following steps worked great to load the PF firewall at boot with the additional -e flag (to enable) in Yosemite, Mavericks, perhaps older OSes: sudo defaults write /System/Library/LaunchDaemons/com.apple.pfctl ProgramArguments '(pfctl, -f, /etc/pf.conf, -e)' sudo chmod 644 /System/Library/LaunchDaemons/com.apple.pfctl.plist sudo plutil -convert xml1 /System/Library/LaunchDaemons/com.apple.pfctl.plist However, SIP prevents changes to /System/Library/LaunchDaemons/com.apple.pfctl.plist so I’m wondering how else this could be done without disabling SIP? Cheers, Doug _____________________________________________________ MacEnterprise, Inc http://www.macenterprise.org Subscription Options and Archives http://lists.psu.edu/archives/macenterprise.html |
| Re: Enable PF at boot with in El Capitan + SIP | Greg Neagle | 24/10/15 11:13 | Create a new Launchd plist at /Library/LaunchDaemons with the desired contents. Load that, or reboot.
Sent from my iPhone |