How can I turn on the macOS firewall from a script

macos command-line catalina firewall

I'm setting up a new Mac Mini and I am using a script assembled from commands that I've accumulated over the years to set defaults, create directory structures, install software, and otherwise customize my Macs the way I want them. The first command--to turn on the firewall--is failing to do anything. How is the firewall currently turned on, in Catalina?

The command I'm using is 

sudo defaults write /Library/Preferences/com.apple.alf globalstate -integer 1

This is the same thing I'm finding by Googling (or an alternate form with -int instead of -integer).

If it has not changed, what could be preventing it from working?


macOS now uses the pf firewall (from OpenBSD). Since Mac OS X Lion (10.7) circa 2012, the firewall ipfw was deprecated in favor of pf

The command to disable the pf firewall is:

% sudo pfctl -d

For full command line options for pfctl see man pfctl.

Related

Permission denied error when copying to /usr/local/bin
Why won’t my iPad backup?
Restoring from backup after jailbreak
Grant Terminal Access to Web Cam
How strong is mac login password protection?
2018 Mac mini random restart problem
Can I downgrade Catalina to El Capitan using a flash drive? [duplicate]
MacOS zsh alias pwd is incorrect
Missing operating system can’t install new Os
Dock moves to either bottom of main screen OR left of second screen - can't do left of main screen
What is a typical Notability's file size?
Is it possible to disable macOS requesting permissions via Apple Watch, but still use it to unlock Mac?