TMO Quick Tip - Creating Custom Firewall Ports

by , 7:30 AM EST, February 21st, 2007

The firewall that's built into Mac OS X does a good job of blocking unwanted network traffic from finding its way into your Mac. But if you need a specific type of data to travel in and out of your Mac, and the firewall is blocking it, it's time to roll up your sleeves and open the port yourself.

First, a little back story on network ports. Network ports are a kind of virtual port that different types of data travel through. The data that passes through your firewall is assigned to a specific port, and each port has a unique number. For example, Web-based data, like the information that tells your Web browser how to display the sites you visit travels on port 80. Port 25 is commonly used for email.

If your firewall is blocking a specific port you need, any information traveling through that port will be blocked. Keeping with our Web data example, if port 80 is blocked, you won't be able to view Web pages.

Now back to our regularly scheduled Quick Tip. When your Mac's firewall is active, many applications that need to send data on a closed port will either ask you to manually open the port, or will open the port for you. If you need to manually open a port, here's what to do:

Start by finding out which port you need to open. If an application asks you to manually open a firewall port, it should also give you the associated number. If not, check the application's documentation, or for the ambitious, you can check the IANA port number Web page. Once you have the port number, it's time to modify your firewall settings. For this example, we'll assume that FileMaker Pro needs port 5003 open.

• Launch System Preferences. You can find it by selecting Apple menu > System Preferences.
• Click the Sharing.
• Click the Firewall tab.
• Click the New button in the Firewall pane.

Click the New button to create a network port.

• Choose Other from the Port Name pop-up menu.

Select Other to make a custom port.

• Enter the port number you want to open in the TCP Port Number(s) field. In our example, that's 5003. Don't worry about the UDP Port Number(s) field.

Enter the port number and a name.

• Enter a name that makes sense to you in the Description field. I typed "FileMaker Pro."
• Click OK.

Your new open network port.

This works only for firewall ports on your own Mac. If there is a network-based firewall blocking traffic, it may still prevent any information from passing out of your local network to the Internet. If you need network ports opened on a firewall that's between your Mac and the Internet, and you aren't comfortable or authorized to make those changes, contact your IT department or favorite Mac consultant.

If you aren't sure if your Mac's firewall is turned on, check out this Quick Tip on activating the firewall in Mac OS X.

This Quick Tip was adapted from The Designer's Guide to Mac OS X Tiger.

Jeff Gamet is TMO's Morning Editor and Reviews Editor. He lectures, teaches and speaks on Mac OS X and design-related topics, and is the author of The Designer's Guide to Mac OS X from Peachpit Press.

if you have tips or tricks to share, or Mac-related questions you want answered.