Mac OS X Snow Leopard has a built-in firewall that plays the role of security guard, blocking or denying certain network traffic. That’s all well and good, but you must be careful to set up your firewall correctly before you turn it on: A configuration mistake could make your Mac inaccessible from the network.

For instance, if you want to enable FTP access on your Mac but you also want to keep all other traffic from coming into your Mac, you can tell the built-in firewall to allow only FTP traffic. The firewall on the Mac will block or allow only TCP/IP traffic ¯ not Bonjour ¯ so Bonjour traffic (which is always from your local network and not the Internet, anyway) can always get in.

When enabled, the firewall blocks all traffic that comes into your Mac. By default, however, the firewall is turned off. So, your first job is to enable the firewall, which you can do by following these steps:


Click the System Preferences icon in the Dock.

The System Preferences dialog appears.


Click the Security icon.

You see security options listed.


Click the Firewall tab.

The Firewall tab holds your options for setting your firewall.


Click the Start button to turn on your firewall.

Your firewall is enabled.


Click the Advanced button.

In this dialog, you tell your Mac what to let through your firewall.


Click the Automatically Allow Signed Software to Receive Incoming Connections radio button to select it.

This enables the firewall. And, by default, virtually all incoming TCP/IP traffic is blocked. You must enable each sharing method that you want to be able to use. When you enable different sharing methods from the Sharing pane in System Preferences (such as File Sharing or FTP Access), you’ll notice that those types of traffic now appear in the Firewall list. (In other words, when you turn on a sharing method, the firewall automatically allows traffic for that sharing method, which Snow Leopard calls a service.)

Click the up/down arrow icon to the right of any service to specify whether the firewall should allow or block connections.

Sometimes, you might want to allow other traffic through your firewall that isn’t on the firewall list of recognized services and applications. At that point, you can click the Add button (which bears a plus sign) to specify the application that your firewall should allow. Snow Leopard presents you with the familiar Add dialog, and you can choose the application that needs access.