How do I get the Mac OS X Firewall to permanently allow my iOS app?

Question

I\'m writing an iOS app that acts as, among other things, a telnet server. Naturally, it begins listening for connections as soon as it starts.

When I run the app in

Answer 1

I never had luck with manually adding the executable to the firewall's allowed-list. Here's a solution using an automated mouse click:

1. Download CLIclick. (Thank you Carsten.)
2. Put it in a suitable location, say /usr/local/bin.
3. Get the Allow button's screen coordinates using ⌘⇧4. (In my example, these are x: 750, y: 600.)

4. Create a script with this content (the w: is the wait time in ms):

   /usr/local/bin/cliclick c:750,600 w:1500 m:+0,+0 c:.
   

   (I couldn't get CLIclick to work without "moving" it to the same location (the m:+0,+0 part) and clicking again at the same spot with c:..)

5. Open Xcode's Preferences / Behaviors and add the above script.
6. Enjoy!

Answer 2

After dabbling with this for some time, I found that manually adding the executable itself to the Firewall "Allow" list gives the desired result. You don't add the .app, but rather the "Unix" executable inside the .app's Contents folder. I believed I had tried this file before without success, but currently it's working.

Answer 3

I think the best solution might be to script the process of okaying your app to the firewall.

If I recall correctly, the latest OSX firewall is actually clever about identifying apps and fingerprints the allowed binaries. This prevents the surprisingly effective tactic of just naming your malware "system32.exe" &c to evade the firewall. If that's the case, your app will be (correctly) blocked for not being the same binary that was okayed, and there's not really any way around it.

So, try scripting the firewall allowing process and incorporate that into the build process.

Answer 4

So we want to suppress the following dialog

Do you want the application “NNN.app” to accept incoming network connections?

which appear on every activation of the Xcode iOS simulator. I believe there is now a solution for that. Basing my answer on this blog.

Simply run the following commands in a Terminal window:

#temporarily shut firewall off:
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate off

#put Xcode as an exception:
/usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/Xcode.app/Contents/MacOS/Xcode

#put iOS Simulator as an exception:
/usr/libexec/ApplicationFirewall/socketfilterfw --add /Applications/Xcode.app/Contents/Developer/Applications/Simulator.app/Contents/MacOS/Simulator

#re-enable firewall:
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setglobalstate on

For me it worked. Please note simulator address is according to Xcode 8.

Answer 5

I don't know if it is the right way but for me worked.

1. Turn off the firewall
2. Connect with the iphone app to your mac
3. Check if everything in the connection working
4. Turn on the firewall