How can I restrict Mac sharing services to a specific network/adapter?

sharing network firewall services

Solution 1:

You can do this using the builtin ipfw firewall (it is not the default firewall in Snow Leopard, but it is still included). You can configure from the command line, the exact rule set you need depends on your other requirements, but the specific rule in question would be something like:

# allow AFP (port 548) traffic from 10net
/sbin/ipfw add allow tcp from 10.0.0/24 to any 548

# deny all other AFP traffic 
ipfw add deny tcp from any to any 548

Obviously you will need to adjust that for your specific network. Also, these rules are not persistent, which means you will need to add a script to run them commands every reboot. On the other hand, that means that if you wedge your networking while trying to come up with appropriate rules you can always just reboot to reset the stack. There are plenty of ipfw tutorials on the web (most of them are aimed at FreeBSD users, but it is the same interface).

Related

SMB: auto-unmount then unable to re-mount without restart
Generic exit function for iTerm2
AppleScript: How to open a link in Google Chrome in a new, adjacent tab?
Catalina: Login Screen Freezes After Password Entry
How do I use AppleScript to open a specific note from Apple's Notes application?
ITunes Match: syncing smart playlists that reference other playlists
With WebDAV provided by Microsoft SharePoint, how can users of OS X minimise risks of corruption and multiuser overwrites?
Use only the left option key as meta key in Terminal.app
Solve system of linear integer equations in Python
Is there an equivalent windows command for chmod?
Custom header to HttpClient request
Difference between Header Search Path and Library Search Path?