After upgrading to OS X Mavericks (10.9), iStat on my iPhone was no longer able to connect to iStat Server on Mavericks. I had vaguely recalled seeing the OS X Server installer tell me that ipfw should be disabled, so I disabled it. I didn’t really think of it at the time, but I had a firewall rule set to allow TCP port 5109 be opened for iStat Server … because simply adding it via the Firewall settings is System Preferences did absolutely nothing … for some reason.
So I recalled the installer mentioning pf and told me to use pfctl. That took me on a journey the OS X man page regarding pfctl and about an hour later I finally figured out how to make it all work … and here it is:
sudo vim /etc/pf.conf
Add this line to the config file (after the com.apple anchor is fine) where en0 is your ethernet adapter and port 5109 is the port you’re using in iStat Server:
pass in on en0 proto tcp from any to any port 5109
This allows TCP data on port 5109 to pass into your machine via en0. This allows it from any IP address, but you could have changed the first mention of “any” to an IP address in order to only allow from a single IP address.
If you aren’t using a wired connection, you can change en0 to en1, or if you’re uncertain which adapter you’re using, run the following command to see which is active on your setup, noting which has a status of “active”:
This should yield something like the following. Note how en0 is “active”.
en0: flags=[redacted] options=[redacted] ether [redacted] inet6 [redacted] inet [redacted] nd6 options=[redacted] media: [redacted] status: active en1: flags=[redacted] ether [redacted] nd6 options=[redacted] media: [redacted] status: inactive
Save the config file and run the following to reload the config file, and verify using verbose:
sudo pfctl -vnf pf.conf
I also ran this, just in case:
sudo pfctl -Rf pf.conf
That’s all I needed and I was able to make my way into my machine.
But, it wasn’t until I turned off SSL that I was actually able to connect to iStat Server. I’m hoping SSL is remedied soon! SSL now works once again!