Firewall settings question

I was using the free wifi at a location not far from my house so I switched on the firewall and forgot I left it on. When I got home, all my SMB (buffalo linkstation) shares were gone! I started to get a little annoyed and then remembered what a PITA Zonealarm was on windows for making things dissapear and I switched off my Macbook firewall (Pynryn/Leopard/10.5.2) and voila, all my SMB shares came back! I wonder what settings I would have to make to keep the firewall on and yet still see all those SMB shares? Any ideas?

 

System Prefs>Sharing, click on File Sharing, then Options, and check the Share files/folders using SMB box. Then, in System Prefs>Security>Firewall, you should see File Sharing (SMB) in the big textbox. If you then click on Set access for specific services/apps, your firewall would be on, but your SMB shares should still be visible.

 

Did that. Turned on SMB before turning on firewall. My SMB shares went away again. Turned firewall back off. They didn't come back until I pinged the servers from a terminal. I had even downloaded a refresh button add-on for Finder and was about to install it when they finally came back. Ok, I went ahead and installed it. It's comforting to see that refresh button there when the network drives seem to be misbehavin'

 

bump...

I'd really like to start running the OS-X firewall, especially in light of this article. Ok, it seems slanted but I perused the pdf file and the exploits look genuine. Happily, most of them are Safari related and I use FF on my Macbook for the same reason I used FF on windows and I have javascript triple locked down so all those buffer overflow javascript exploits shouldn't affect me. But as OS X gains market share, the day is coming when all the little critters begin to get aimed at us and I want my firewall back. I guess I'll make a genius bar appointment and try to work through this with them.

 

bump! found the answer over at mac os hints. Not exactly intuitive as I would expect increasing security as you move down the list. It turns out the top pick is no firewall, the middle pick is the most severe firewall, and the bottom pick is the configurable firewall that lets smb and other such things work. Whew! Now I'm ready for those hotel hotspots as I've got everything working that I want to have working with my firewall in stealth mode.

 

Umm...In my post I told you to:

Which is the third option on my Firewall settings list. Is your list different??

 

For some reason, I misinterpreted your post. All those years of Zonealarm got me trained that lists were always sorted by severity. If the wide open option was at the top, then the most restrictive option belongs at the opposite end of the list or at the bottom. I guess there's also a certain amount of assumption involved. There aren't a lot of thermostats around that go cool--> HOT--> warm. I also had a little run-in with parental controls. I tried to let it filter the 'net for my kids and it performed badly. There are 3 options. Wide open. Best Guess (which doesn't really cut it) and Whitelist. With the whitelist option, I gotta spend my time whitelisting everything. There's no blacklist. All I wanted was a blacklist so I could block certain sites I knew I wanted them to stay away from like addictinggames. So I got the impression that if I picked the option where I had to list stuff, I had to list absolutely everything. I ain't got the time. It turns out firewall option 3 is really "essential services" plus the whitelisted apps shown. I had the impression it would work like parental controls and I would have to whitelist everything if I was going to whitelist anything. I'm glad the firewall is better designed than parental controls. Now let's just hope they get around to fixing parental controls.

Anyway, I've got a working firewall now and that's all that matters.