subject:"Re\: MacPorts question"

Re: MacPorts question

2016-10-07 Thread Ryan Schmidt

> On Oct 7, 2016, at 10:13 AM, m...@macports.org wrote:
> 
> 
>> On Oct 7, 2016, at 8:18 AM, Ryan Schmidt  wrote:
>> 
>> 
>> On Oct 7, 2016, at 9:15 AM, m...@macports.org wrote:
>> 
>>> On Oct 7, 2016, at 7:55 AM, Ryan Schmidt  wrote:
>>> 
 I was using nginx when I was encountering these problems.
>>> 
>>> I just installed and “load”ed nginx and added a firewall rule for it. It 
>>> survived reboot for me!
>> 
>> Does it survive upgrading (or downgrading) nginx?
> 
> I won’t know until it gets updated next.

If you wanted to test, you could downgrade:

https://trac.macports.org/wiki/howto/InstallingOlderPort

> In any event, I don’t think it is an issue. I think when you are updating the 
> port, you should relaunch the startupitem as part of that upgrade process. 
> What if the startupitem changed? We can know as Macports committers, but 
> normal users generally will not know. So it is best practice to do such. 

Restarting the computer is equivalent to unloading and then loading the launchd 
plist. I don't remember the specifics as it was months ago, and if I had even 
been able to specify exactly when the problem occurred that might have helped 
me look for a solution. What I remember is that I would seem to get things into 
a working state, and then something would happen--restart? upgrade port?--that 
would cause the firewall to be blocking connections again, even though the 
program was listed as allowed in the preferences.

I want my Tiger firewall back, where I just specify that traffic on port 80 
should be allowed. Simple. Works.

___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users

Re: MacPorts question

2016-10-07 Thread mf2k

> On Oct 7, 2016, at 8:18 AM, Ryan Schmidt  wrote:
> 
> 
> On Oct 7, 2016, at 9:15 AM, m...@macports.org wrote:
> 
>> On Oct 7, 2016, at 7:55 AM, Ryan Schmidt  wrote:
>> 
>>> I was using nginx when I was encountering these problems.
>> 
>> I just installed and “load”ed nginx and added a firewall rule for it. It 
>> survived reboot for me!
> 
> Does it survive upgrading (or downgrading) nginx?

I won’t know until it gets updated next. In any event, I don’t think it is an 
issue. I think when you are updating the port, you should relaunch the 
startupitem as part of that upgrade process. What if the startupitem changed? 
We can know as Macports committers, but normal users generally will not know. 
So it is best practice to do such. 

Cheers!
Frank

___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users

Re: MacPorts question

2016-10-07 Thread mf2k

Hello Zachery,

> On Oct 7, 2016, at 8:55 AM, Zachary Waibel  wrote:
> 
> Hello Ryan & Frank,
> 
> Being new to the list I was not sure where to look for your response. I was 
> thinking/hoping the replies would simply come to me via email given 
> "macports-users@lists.macosforge.org 
> ” is part of this thread. 
> However, let me know if this is not true.

That is correct. For whatever reason, one of my replies never hit the list. 

> Regarding the issue, I think I tried adding httpd to my Firewall list as you 
> mentioned and it did not survive reboot. Right now my solution is to create a 
> script that is run at startup that has proper permissions to execute “sudo 
> port unload apache2” and then "sudo port load apache2”.  Not pretty I know, 
> that’s why I won’t bother going into the details.

Well I just determined that the issue is that the httpd process itself is not 
surviving the reboot. So the real issue may be in the startupitem for the port. 

Cheers!
Frank___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users

Re: MacPorts question

2016-10-07 Thread Ryan Schmidt


On Oct 7, 2016, at 9:15 AM, m...@macports.org wrote:

> On Oct 7, 2016, at 7:55 AM, Ryan Schmidt  wrote:
> 
>> I was using nginx when I was encountering these problems.
> 
> I just installed and “load”ed nginx and added a firewall rule for it. It 
> survived reboot for me!

Does it survive upgrading (or downgrading) nginx?



___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users

Re: MacPorts question

2016-10-07 Thread mf2k


> On Oct 7, 2016, at 7:55 AM, Ryan Schmidt  wrote:
> 
> 
>> On Oct 7, 2016, at 8:54 AM, m...@macports.org wrote:
>> 
>> [Cc’ing Macports Users this time]
>> 
>>> On Oct 7, 2016, at 7:39 AM, Ryan Schmidt  wrote:
>>> 
>>> 
 On Oct 7, 2016, at 8:35 AM, m...@macports.org wrote:
 
 Hi Ryan,
 
 
 Thank you for the reply. So I think that you did not see my other post. I 
 wonder why the mailing list did not send it? Maybe because I had modified 
 the subject title? Here it is again:
>>> 
>>> You're right, I didn't see that message.
>>> 
>>> 
 OK, the solution was actually very simple. I added the httpd application 
 to the Firewall. It is located here:
 
 /opt/local/apache2/bin/httpd
 
 This survived a reboot for me. 
 
 Steps to add it (sorry if this is obvious):
 1. Starting from the Terminal type:
  - cd /opt/local/apache2/bin/
  - open .
 2. Open System Preferences->Security & Privacy->Firewall tab.
 3. Click the lock to unlock it.
 4. Click Firewall Options…
 5. Click +
 6. In Finder, drag “httpd” (now visible in Finder from Step 1) to the 
 dialog. 
 
 
>>> 
>>> I'm familiar with this procedure; I've read it on many web sites. But it 
>>> often simply does not work. Despite the program having been added to the 
>>> firewall options in this manner, communication remains blocked. I was only 
>>> able to get it to work by using a terminal command to add it to the 
>>> firewall, and I don't recall whether that turned out to be a permanent 
>>> solution or not; I have a feeling it either did not survive reboot or did 
>>> not survive updating the port that provided that binary.
>> 
>> OK. I played around with this some more and did a bunch of rebooting. The 
>> problem is that apache2 itself does not survive the reboot! I tested this by 
>> looking at “httpd” in activity monitor. So the firewall rule is correct. But 
>> we have another issue that the startupitem for Apache2 is not properly 
>> working in El Capitan (at least). 
>> 
>> I use the port load command like so:
>> 
>> - sudo port load apache2
>> - httpd is present and running in Activity Monitor
>> - Reboot
>> - httpd is gone!
> 
> I was using nginx when I was encountering these problems.

I just installed and “load”ed nginx and added a firewall rule for it. It 
survived reboot for me!


Cheers!
Frank

___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users

Re: MacPorts question

2016-10-07 Thread Ryan Schmidt


> On Oct 7, 2016, at 8:54 AM, m...@macports.org wrote:
> 
> [Cc’ing Macports Users this time]
> 
>> On Oct 7, 2016, at 7:39 AM, Ryan Schmidt  wrote:
>> 
>> 
>>> On Oct 7, 2016, at 8:35 AM, m...@macports.org wrote:
>>> 
>>> Hi Ryan,
>>> 
>>> 
>>> Thank you for the reply. So I think that you did not see my other post. I 
>>> wonder why the mailing list did not send it? Maybe because I had modified 
>>> the subject title? Here it is again:
>> 
>> You're right, I didn't see that message.
>> 
>> 
>>> OK, the solution was actually very simple. I added the httpd application to 
>>> the Firewall. It is located here:
>>> 
>>> /opt/local/apache2/bin/httpd
>>> 
>>> This survived a reboot for me. 
>>> 
>>> Steps to add it (sorry if this is obvious):
>>> 1. Starting from the Terminal type:
>>>   - cd /opt/local/apache2/bin/
>>>   - open .
>>> 2. Open System Preferences->Security & Privacy->Firewall tab.
>>> 3. Click the lock to unlock it.
>>> 4. Click Firewall Options…
>>> 5. Click +
>>> 6. In Finder, drag “httpd” (now visible in Finder from Step 1) to the 
>>> dialog. 
>>> 
>>> 
>> 
>> I'm familiar with this procedure; I've read it on many web sites. But it 
>> often simply does not work. Despite the program having been added to the 
>> firewall options in this manner, communication remains blocked. I was only 
>> able to get it to work by using a terminal command to add it to the 
>> firewall, and I don't recall whether that turned out to be a permanent 
>> solution or not; I have a feeling it either did not survive reboot or did 
>> not survive updating the port that provided that binary.
> 
> OK. I played around with this some more and did a bunch of rebooting. The 
> problem is that apache2 itself does not survive the reboot! I tested this by 
> looking at “httpd” in activity monitor. So the firewall rule is correct. But 
> we have another issue that the startupitem for Apache2 is not properly 
> working in El Capitan (at least). 
> 
> I use the port load command like so:
> 
> - sudo port load apache2
> - httpd is present and running in Activity Monitor
> - Reboot
> - httpd is gone!

I was using nginx when I was encountering these problems.


___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users

Re: MacPorts question

2016-10-07 Thread mf2k

[Cc’ing Macports Users this time]

> On Oct 7, 2016, at 7:39 AM, Ryan Schmidt  wrote:
> 
> 
>> On Oct 7, 2016, at 8:35 AM, m...@macports.org wrote:
>> 
>> Hi Ryan,
>> 
>> 
>> Thank you for the reply. So I think that you did not see my other post. I 
>> wonder why the mailing list did not send it? Maybe because I had modified 
>> the subject title? Here it is again:
> 
> You're right, I didn't see that message.
> 
> 
>> OK, the solution was actually very simple. I added the httpd application to 
>> the Firewall. It is located here:
>> 
>> /opt/local/apache2/bin/httpd
>> 
>> This survived a reboot for me. 
>> 
>> Steps to add it (sorry if this is obvious):
>> 1. Starting from the Terminal type:
>>- cd /opt/local/apache2/bin/
>>- open .
>> 2. Open System Preferences->Security & Privacy->Firewall tab.
>> 3. Click the lock to unlock it.
>> 4. Click Firewall Options…
>> 5. Click +
>> 6. In Finder, drag “httpd” (now visible in Finder from Step 1) to the 
>> dialog. 
>> 
>> 
> 
> I'm familiar with this procedure; I've read it on many web sites. But it 
> often simply does not work. Despite the program having been added to the 
> firewall options in this manner, communication remains blocked. I was only 
> able to get it to work by using a terminal command to add it to the firewall, 
> and I don't recall whether that turned out to be a permanent solution or not; 
> I have a feeling it either did not survive reboot or did not survive updating 
> the port that provided that binary.

OK. I played around with this some more and did a bunch of rebooting. The 
problem is that apache2 itself does not survive the reboot! I tested this by 
looking at “httpd” in activity monitor. So the firewall rule is correct. But we 
have another issue that the startupitem for Apache2 is not properly working in 
El Capitan (at least). 

I use the port load command like so:

 - sudo port load apache2
 - httpd is present and running in Activity Monitor
 - Reboot
 - httpd is gone!


-Frank

> On Oct 7, 2016, at 7:32 AM, Ryan Schmidt  wrote:
>>> 
>>> I haven't had time to try your solution. But I saw your follow-up that said 
>>> that it did not survive a reboot.
>>> 
>>> 
 On Oct 7, 2016, at 8:29 AM, m...@macports.org wrote:
 
 Hi Ryan and Zachary,
 
 
 I posted how to do this to the list and got no response. I’m curious why 
 that is? I have to conclude one of the following:
 
 - It didn’t work for you. 
 - You didn’t see it. 
 - Something else I’m missing?
 
 I am happy to document the solution on the wiki, but I want to make sure 
 that it works for others first and that my instructions are clear. 
 
 
 Cheers!
 Frank
 
 
> On Sep 29, 2016, at 2:05 PM, Ryan Schmidt  wrote:
> 
> 
>> On Sep 29, 2016, at 10:30 AM, Zachary Waibel  wrote:
>> 
>> Sorry for the spam, but I have a question regarding my MacPorts 
>> installation, and I’m not sure if filing a ticket is the right way to go 
>> to get my question answered. If it is then I will do that.
>> 
>> Here’s my question: 
>> 
>> I've installed the latest MacPorts and my issue is that if I start 
>> apache2 using the command "sudo port load apache2” I can then find my 
>> website from outside my network.  However, after restarting my Mac and I 
>> cannot find my website anymore.  It turns out if I turn off macOS’s 
>> Firewall I can then find the website from the outside again.  The other 
>> way I can solve it is by doing "sudo port unload apache2” and then "sudo 
>> port load apache2”, which seems to open port 80.  However, after a 
>> restart the port is not opened, but apache2 is running.  So is MacPorts 
>> not compatible with El Capitan’s Firewall?
>> 
>> Thank you for any help!
> 
> Writing to the macports-users mailing list is probably the right thing to 
> do. I'm Cc'ing the list now. To reply, please make sure you're subscribed 
> to the list first.
> 
> I've also been frustrated with the new macOS firewall for some years. I 
> don't understand it. Maybe someone else on the list does and can give us 
> both some advice.
> 
>>> 
>>> 
>> 
> 

___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users

Apache and the macOS Firewall (was Re: MacPorts question)

2016-10-05 Thread mf2k


> On Sep 29, 2016, at 2:05 PM, Ryan Schmidt  wrote:
> 
> 
>> On Sep 29, 2016, at 10:30 AM, Zachary Waibel  wrote:
>> 
>> Here’s my question: 
>> 
>> I've installed the latest MacPorts and my issue is that if I start apache2 
>> using the command "sudo port load apache2” I can then find my website from 
>> outside my network.  However, after restarting my Mac and I cannot find my 
>> website anymore.  It turns out if I turn off macOS’s Firewall I can then 
>> find the website from the outside again.  The other way I can solve it is by 
>> doing "sudo port unload apache2” and then "sudo port load apache2”, which 
>> seems to open port 80.  However, after a restart the port is not opened, but 
>> apache2 is running.  So is MacPorts not compatible with El Capitan’s 
>> Firewall?
>> 
>> Thank you for any help!
> 
> Writing to the macports-users mailing list is probably the right thing to do. 
> I'm Cc'ing the list now. To reply, please make sure you're subscribed to the 
> list first.
> 
> I've also been frustrated with the new macOS firewall for some years. I don't 
> understand it. Maybe someone else on the list does and can give us both some 
> advice.

OK, the solution was actually very simple. I added the httpd application to the 
Firewall. It is located here:

/opt/local/apache2/bin/httpd

This survived a reboot for me. 

Steps to add it (sorry if this is obvious):
 1. Starting from the Terminal type:
- cd /opt/local/apache2/bin/
- open .
 2. Open System Preferences->Security & Privacy->Firewall tab.
 3. Click the lock to unlock it.
 4. Click Firewall Options…
 5. Click +
 6. In Finder, drag “httpd” (now visible in Finder from Step 1) to the dialog. 



Please let me know if this works for you too and I will add these steps to the 
wiki. 


Cheers!
Frank

___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users

Re: MacPorts question

2016-09-30 Thread mf2k


> On Sep 29, 2016, at 3:01 PM, m...@macports.org wrote:
> 
>  - Edit /etc/pf.conf with your favorite text editor
>  - Add the following lines to the bottom of the file:
> # Macports Apache
> pass in proto tcp from any to any port 80
>  - Reboot or manually reload the firewall:
> sudo pfctl -vnf /etc/pf.conf

Never mind. This does not survive reboot for me. The pass command might not be 
correct. 


-Frank

___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users

Re: MacPorts question

2016-09-29 Thread mf2k


> On Sep 29, 2016, at 2:05 PM, Ryan Schmidt  wrote:
> 
>> On Sep 29, 2016, at 10:30 AM, Zachary Waibel  wrote:
>> 
>> I've installed the latest MacPorts and my issue is that if I start apache2 
>> using the command "sudo port load apache2” I can then find my website from 
>> outside my network.  However, after restarting my Mac and I cannot find my 
>> website anymore.  It turns out if I turn off macOS’s Firewall I can then 
>> find the website from the outside again.  The other way I can solve it is by 
>> doing "sudo port unload apache2” and then "sudo port load apache2”, which 
>> seems to open port 80.  However, after a restart the port is not opened, but 
>> apache2 is running.  So is MacPorts not compatible with El Capitan’s 
>> Firewall?
>> 
>> Thank you for any help!
> 
> Writing to the macports-users mailing list is probably the right thing to do. 
> I'm Cc'ing the list now. To reply, please make sure you're subscribed to the 
> list first.
> 
> I've also been frustrated with the new macOS firewall for some years. I don't 
> understand it. Maybe someone else on the list does and can give us both some 
> advice.

El Capitan uses PF [1] for the firewall. I believe you need to edit the 
configuration file manually and use the command line. Apple’s GUI in System 
Preferences is too simple to do this. 

 - Edit /etc/pf.conf with your favorite text editor
 - Add the following lines to the bottom of the file:
# Macports Apache
pass in proto tcp from any to any port 80
 - Reboot or manually reload the firewall:
sudo pfctl -vnf /etc/pf.conf


[1] 

Cheers!
Frank

___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users

Re: MacPorts question

2016-09-29 Thread Ryan Schmidt


> On Sep 29, 2016, at 10:30 AM, Zachary Waibel  wrote:
> 
> Sorry for the spam, but I have a question regarding my MacPorts installation, 
> and I’m not sure if filing a ticket is the right way to go to get my question 
> answered. If it is then I will do that.
> 
> Here’s my question: 
> 
> I've installed the latest MacPorts and my issue is that if I start apache2 
> using the command "sudo port load apache2” I can then find my website from 
> outside my network.  However, after restarting my Mac and I cannot find my 
> website anymore.  It turns out if I turn off macOS’s Firewall I can then find 
> the website from the outside again.  The other way I can solve it is by doing 
> "sudo port unload apache2” and then "sudo port load apache2”, which seems to 
> open port 80.  However, after a restart the port is not opened, but apache2 
> is running.  So is MacPorts not compatible with El Capitan’s Firewall?
> 
> Thank you for any help!

Writing to the macports-users mailing list is probably the right thing to do. 
I'm Cc'ing the list now. To reply, please make sure you're subscribed to the 
list first.

I've also been frustrated with the new macOS firewall for some years. I don't 
understand it. Maybe someone else on the list does and can give us both some 
advice.

___
macports-users mailing list
macports-users@lists.macosforge.org
https://lists.macosforge.org/mailman/listinfo/macports-users

Re: MacPorts question

Re: MacPorts question

Re: MacPorts question

Re: MacPorts question

Re: MacPorts question

Re: MacPorts question

Re: MacPorts question

Apache and the macOS Firewall (was Re: MacPorts question)

Re: MacPorts question

Re: MacPorts question

Re: MacPorts question

11 matches

Site Navigation

Mail list logo

Footer information