iStat Server and opening port 5109 on OS X Mavericks

After upgrading to OS X Mavericks (10.9), iStat on my iPhone was no longer able to connect to iStat Server on Mavericks. I had vaguely recalled seeing the OS X Server installer tell me that ipfw should be disabled, so I disabled it. I didn’t really think of it at the time, but I had a firewall rule set to allow TCP port 5109 be opened for iStat Server … because simply adding it via the Firewall settings is System Preferences did absolutely nothing … for some reason.

So I recalled the installer mentioning pf and told me to use pfctl. That took me on a journey the OS X man page regarding pfctl and about an hour later I finally figured out how to make it all work … and here it is:

sudo vim /etc/pf.conf

Add this line to the config file (after the com.apple anchor is fine) where en0 is your ethernet adapter and port 5109 is the port you’re using in iStat Server:

pass in on en0 proto tcp from any to any port 5109

This allows TCP data on port 5109 to pass into your machine via en0. This allows it from any IP address, but you could have changed the first mention of “any” to an IP address in order to only allow from a single IP address.

If you aren’t using a wired connection, you can change en0 to en1, or if you’re uncertain which adapter you’re using, run the following command to see which is active on your setup, noting which has a status of “active”:

ifconfig

This should yield something like the following. Note how en0 is “active”.

en0: flags=[redacted]
	options=[redacted]
	ether [redacted]
	inet6 [redacted]
	inet [redacted]
	nd6 options=[redacted]
	media: [redacted]
	status: active
en1: flags=[redacted]
	ether [redacted]
	nd6 options=[redacted]
	media: [redacted]
	status: inactive

Save the config file and run the following to reload the config file, and verify using verbose:

sudo pfctl -vnf pf.conf

I also ran this, just in case:

sudo pfctl -Rf pf.conf

That’s all I needed and I was able to make my way into my machine. But, it wasn’t until I turned off SSL that I was actually able to connect to iStat Server. I’m hoping SSL is remedied soon! SSL now works once again!

4 Replies to “iStat Server and opening port 5109 on OS X Mavericks”

  1. Hey mate! thanks for the tips!

    Having a bit of trouble though. Was about to add your first line to the config file and realized you were using the name of ethernet adapter, ie you must be on a wired internet.

    Any ideas how to make this work over wireless?

    Cheers!

    1. No problem, glad I could help. en0 is almost always wired, as you noted, and en1 is almost always wireless. You can check by running “ifconfig” in a terminal window and noting which of the “en” is connected. On my iMac and my Mini server, en1 is wireless. Good luck!

    1. I honestly don’t remember, but after reviewing the commands shown I don’t think you would need to restart. Did you double-check that you used the correct network interface (en0, en1, etc.)? Restarting wouldn’t hurt, but I don’t think it was required at the time.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.