Specifications
Chapter 14 Configuring and Managing Network Services 237
Viewing the Firewall Service Log and Log Path
To view the contents of the ipfilter service log to view log paths, use tail or another
file listing tool.
To view the latest entries in the log:
$ tail
log-file
To see where the ipfilter service log is located, use the serveradmin getLogPaths
command.
To view the log path:
$ sudo serveradmin command ipfilter:command = getLogPaths
The computer responds with output similar to the following:
ipfilter:systemLog = <system-log>
Using Firewall Service to Simulate Network Activity
You can use Firewall service in Mac OS X with Dummynet, a general-purpose network
load simulator. For more information about Dummynet, see ai3.asti.dost.gov.ph/sat/
dummynet.html. Also see the ipfw man page.
Managing NAT Service
Network Address Translation (NAT) is sometimes referred to as IP masquerading. NAT is
used to allow multiple computers to access the Internet with only one assigned public
or external IP address. NAT allows you to create a private network that accesses the
Internet through a NAT router or gateway.
The NAT router takes traffic from your private network and remembers which internal
address made the request. When the NAT router receives the response to the request, it
forwards it to the originating computer. Traffic that originates from the Internet does
not reach computers behind the NAT router unless port forwarding is enabled.
Note: Firewall service must be configured and running NAT service. The NAT service
divert rule is run through ipfw.
Starting and Stopping NAT Service
To start the service:
$ sudo serveradmin start nat
To stop the service:
$ sudo serveradmin stop nat
Value Description
<system-log> The location of the ipfilter service log.
Default =
/var/log/ipfw.log