[
http://jira.magnolia.info/browse/MAGNOLIA-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Gregory Joseph updated MAGNOLIA-1959:
-------------------------------------
Description:
h3. Leopard's application level firewall :
Leopard's firewall behaves significantly differently than the firewall shipped
with OSX 10.4. The symptoms are that Tomcat seems unreachable
("kCFErrorDomainCFNetwork:302"), but unfortunately no log message *clearly*
identifies the issue.
It seems the behavior was different prior to OSX 10.5.3, but at least in 10.5.4
the following seems to work:
- "allow incoming connections" for the Magnolia and Tomcat scripts
({{magnolia_control.sh}}, {{startup.sh}}, {{shutdown.sh}}, {{catalina.sh}}), as
well as the Java binary (ie
{{/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Commands/java}})
- it seems sometimes necessary to "lock" and "unlock" the firewall settings
pane, so as to force it to take the new settings into account.
- if Magnolia was started, you'll have to kill it (-HUP works and shuts it down
nicely) and restart.
h4. More comments and questions
- somehow, setting the firewall too "allow all" does not seem to help.
- {{sudo launchctl remove com.apple.alf}} should remove the application-level
firewall, but for some reason, this hasn't proved very useful. Will have to try
again.
h4. Log files to watch:
* {{/var/log/system.log}}
* {{/var/log/secure.log}}
* {{/var/log/appfirewall.log}}
h4. Some interesting links:
* http://securosis.com/2007/11/01/investigating-the-leopard-firewall/
* http://documentation.magnolia.info/administration.html#Knownissues which
links back to here but has a nice little screenshot of Leopard's firewall
configuration gui ;)
h3. "Max.files opened"
There might be some "max.files opened" issues, with settings which are
different from Tiger(10.4), although this hasn't been reported in a while.
There is unfortunately not much we can do about this issue at the moment, as
far as we know.
*Feel free to comment on your own experience below and contribute tips and
tricks !*
was:
h3. Firewall :
Leopard's firewall behaves significantly differently than the firewall shipped
with OSX 10.4. The symptoms are that Tomcat seems unreachable
("kCFErrorDomainCFNetwork:302"), but unfortunately no log message *clearly*
identifies the issue.
It seems the behavior was different prior to OSX 10.5.3, but at least in 10.5.4
the following seems to work:
- "allow incoming connections" for the Magnolia and Tomcat scripts
({{magnolia_control.sh}}, {{startup.sh}}, {{shutdown.sh}}, {{catalina.sh}}), as
well as the Java binary (ie
{{/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Commands/java}})
- it seems sometimes necessary to "lock" and "unlock" the firewall settings
pane, so as to force it to take the new settings into account.
- if Magnolia was started, you'll have to kill it (-HUP works and shuts it down
nicely) and restart.
h4. More comments and questions
- somehow, setting the firewall too "allow all" does not seem to help.
- {{sudo launchctl remove com.apple.alf}} should remove the application-level
firewall, but for some reason, this hasn't proved very useful. Will have to try
again.
h4. Log files to watch:
* {{/var/log/system.log}}
* {{/var/log/secure.log}}
* {{/var/log/appfirewall.log}}
h4. Some interesting links:
* http://securosis.com/2007/11/01/investigating-the-leopard-firewall/
* http://documentation.magnolia.info/administration.html#Knownissues which
links back to here but has a nice little screenshot of Leopard's firewall
configuration gui ;)
h3. "Max.files opened"
There might be some "max.files opened" issues, with settings which are
different from Tiger(10.4), although this hasn't been reported in a while.
There is unfortunately not much we can do about this issue at the moment, as
far as we know.
*Feel free to comment on your own experience below and contribute tips and
tricks !*
> Leopard (osx 10.5) issues
> -------------------------
>
> Key: MAGNOLIA-1959
> URL: http://jira.magnolia.info/browse/MAGNOLIA-1959
> Project: Magnolia
> Issue Type: Bug
> Affects Versions: 3.5
> Reporter: Gregory Joseph
> Assignee: Gregory Joseph
>
> h3. Leopard's application level firewall :
> Leopard's firewall behaves significantly differently than the firewall
> shipped with OSX 10.4. The symptoms are that Tomcat seems unreachable
> ("kCFErrorDomainCFNetwork:302"), but unfortunately no log message *clearly*
> identifies the issue.
> It seems the behavior was different prior to OSX 10.5.3, but at least in
> 10.5.4 the following seems to work:
> - "allow incoming connections" for the Magnolia and Tomcat scripts
> ({{magnolia_control.sh}}, {{startup.sh}}, {{shutdown.sh}}, {{catalina.sh}}),
> as well as the Java binary (ie
> {{/System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Commands/java}})
> - it seems sometimes necessary to "lock" and "unlock" the firewall settings
> pane, so as to force it to take the new settings into account.
> - if Magnolia was started, you'll have to kill it (-HUP works and shuts it
> down nicely) and restart.
> h4. More comments and questions
> - somehow, setting the firewall too "allow all" does not seem to help.
> - {{sudo launchctl remove com.apple.alf}} should remove the application-level
> firewall, but for some reason, this hasn't proved very useful. Will have to
> try again.
> h4. Log files to watch:
> * {{/var/log/system.log}}
> * {{/var/log/secure.log}}
> * {{/var/log/appfirewall.log}}
> h4. Some interesting links:
> * http://securosis.com/2007/11/01/investigating-the-leopard-firewall/
> * http://documentation.magnolia.info/administration.html#Knownissues which
> links back to here but has a nice little screenshot of Leopard's firewall
> configuration gui ;)
> h3. "Max.files opened"
> There might be some "max.files opened" issues, with settings which are
> different from Tiger(10.4), although this hasn't been reported in a while.
> There is unfortunately not much we can do about this issue at the moment, as
> far as we know.
> *Feel free to comment on your own experience below and contribute tips and
> tricks !*
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia.info/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
for list details see
http://documentation.magnolia.info/
----------------------------------------------------------------
