Settings for Firewall and AirPort Extreme Router to Open a Port

I am trying to make ports on my OS X 10.6.5 MBP accessible to the open internet.

The only thing I could find in the system firewall was allowing (or disallowing) a particular.app file, but nothing about specific ports. From Googling I read that the firewall is supposed to let an allowed.app use any ports it wants and specification is not needed. I added the .app I wanted to add the port for.

The router is an AirPort Extreme v7.5.1.

I've created a DHCP Reservation based on wireless MAC address for the laptop, 10.0.0.5.

Under Advanced: Port Mapping, I added a new entry with the same values for each combination of fields:

Public/Private UDP/TCP Port: 9000 Private IP Address: 10.0.0.5

I want port 9000 on my public IP address to forward to port 9000 on internal IP 10.0.0.5.

When I test my application after this, it doesn't work.

To further test, I've turned off the system firewall on the laptop, and I've also placed the laptop in the 'DMZ' by checking Enable default host at: 10.0.0.5

Even with this configuration set (disabled firewall in the dmz), a full port scan from GRC Shields Up!! reports no ports open whatsoever. Is that normal for OS X? I come from Windows-land, so that would be a surprise.

Is something wrong here?


Solution 1:

Something's wrong. If you've only got the Apple device between yourself and the internet - you've verified your external IP, you've lowered your machine's firewall, and you've DMZ'd your internal IP (which you've verified is correct...) - then the only way a connection can be halted is through another piece of software running on your machine.

If you go through all of those steps, you should be completely open to the internet.

Solution 2:

Wait.

If you are set to be wide open and you are showing as filtered from somewhere outside your network, then look to your ISP.

EDIT: After some research ipfw supersedes the Application firewall ( socketfilterfw) so, setting ipfw to allow the ports you want open should help. Shields up is most likely testing your router, I had a similar issue recently. You'd want to plug directly into your computer, with your network cable, or, with far more sanity than I, use nmap from your phone or something, and check your ports inside of the network.