logo标签列表

Mac OSX - 如何打开一个端口

macos
23

我想打开我的 Mac 的 25 端口,所以我编辑了文件 /etc/pf.conf

MacBook-Pro-de-nunito:~ calzada$ more /etc/pf.conf
#
# Default PF configuration file.
#
# This file contains the main ruleset, which gets automatically loaded
# at startup.  PF will not be automatically enabled, however.  Instead,
# each component which utilizes PF is responsible for enabling and disabling
# PF via -E and -X as documented in pfctl(8).  That will ensure that PF
# is disabled only when the last enable reference is released.
#
# Care must be taken to ensure that the main ruleset does not get flushed,
# as the nested anchors rely on the anchor point defined here. In addition,
# to the anchors loaded by this file, some system services would dynamically 
# insert anchors into the main ruleset. These anchors will be added only when
# the system service is used and would removed on termination of the service.
#
# See pf.conf(5) for syntax.
#

#
# com.apple anchor point
#
pass in proto tcp from any to any port 80
pass in proto tcp from any to any port 25
scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"

但是当我重新启动服务时,我收到了这些错误:

MacBook-Pro-de-nunito:~ calzada$ sudo pfctl -f /etc/pf.conf
pfctl: Use of -f option, could result in flushing of rules
present in the main ruleset added by the system at startup.
See /etc/pf.conf for further details.

No ALTQ support in kernel
ALTQ related functions disabled
/etc/pf.conf:24: Rules must be in order: options, normalization, queueing, translation, filtering
/etc/pf.conf:25: Rules must be in order: options, normalization, queueing, translation, filtering
/etc/pf.conf:26: Rules must be in order: options, normalization, queueing, translation, filtering
pfctl: Syntax error in config file: pf rules not loaded

将这些行添加到文件末尾:
MacBook-Pro-de-nunito:~ calzada$ sudo pfctl -f /etc/pf.conf
pfctl: Use of -f option, could result in flushing of rules
present in the main ruleset added by the system at startup.
See /etc/pf.conf for further details.

No ALTQ support in kernel
ALTQ related functions disabled
MacBook-Pro-de-nunito:~ calzada$ nmap -p 25 localhost

Starting Nmap 7.40 ( https://nmap.org ) at 2017-03-12 21:35 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00023s latency).
Other addresses for localhost (not scanned): ::1
PORT   STATE  SERVICE
25/tcp closed smtp

Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds
1
尝试将你的新“pass in”行移动到pf.conf文件的底部。我看到的所有示例都是在末尾。 - Michael Dautermann
2
如此简洁的帖子标题! - Eduard
1个回答
13

你确定你有在25端口上监听某些东西吗?如果你在25端口上没有任何监听,它将显示为关闭。

由于您在本地主机上运行了nmap,因此您甚至不需要通过防火墙允许任何内容。只有当流量来自另一台设备时,您才需要通过防火墙允许它通过。

您可以使用以下命令检查程序是否在25端口上进行监听:

lsof -n -i:25 | grep LISTEN

网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接