I need to block port 27017 to do some testing but I can’t seem to figure out how to do it in Mac OS X 10.10.5 (Yosemite). I know that some time ago they moved from iptables to pf tables, but the information I can find specifically for blocking a port (in and out) is sparse.
Specifically I need some help with the following:
- How do I block all TCP traffic (in and out) on port `27017` on all interfaces?
- Where do I put this blocking directive? I'm assuming there is a config file.
- Once I’ve placed the blocking line, how do I restart/reload the firewall?
Edit
From what pf documentation I can grok, this is what I have so far:

```
anchor "mongo" {
    block drop quick on any proto tcp from any to any port 27017
}
```
I interpret this as block and drop connections quickly on any interface using the tcp protocol for connections going from any host to any server on port 27017.
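
An added example, not part of the original post: one way to lay out the rule as a named anchor and load it with `pfctl`. The anchor file path `/etc/pf.anchors/mongo` and the choice to append to the end of `/etc/pf.conf` are assumptions made for this sketch.

```conf
# ---- File 1: /etc/pf.anchors/mongo (path assumed for this example) ----
# No "on <interface>" and no "in"/"out" keyword, so each rule applies to
# every interface and to both directions.
# "quick" makes this the last rule evaluated for a matching packet;
# "drop" discards it silently instead of answering with a TCP RST.

# TCP packets addressed TO port 27017 (new connections, either direction)
block drop quick proto tcp from any to any port 27017

# TCP packets sent FROM port 27017 (replies from a server on that port)
block drop quick proto tcp from any port 27017 to any

# ---- File 2: lines appended to the end of /etc/pf.conf ----
# Declare the anchor point in the main ruleset, then fill it from File 1.
anchor "mongo"
load anchor "mongo" from "/etc/pf.anchors/mongo"

# ---- Commands, run from a terminal (shown as comments) ----
# sudo pfctl -nf /etc/pf.conf    # parse only: report syntax errors, load nothing
# sudo pfctl -f /etc/pf.conf     # load the main ruleset and the anchor
# sudo pfctl -e                  # enable pf if it is not already enabled
# sudo pfctl -a mongo -s rules   # list the rules currently loaded in the anchor
# sudo pfctl -a mongo -F rules   # flush only this anchor when testing is done
```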