Skip to content

Instantly share code, notes, and snippets.

@beeftornado

beeftornado/_Library_LaunchDaemons_com.beeftornado.ipfw.plist

Last active March 5, 2016 09:43
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save beeftornado/8051952 to your computer and use it in GitHub Desktop.
Save beeftornado/8051952 to your computer and use it in GitHub Desktop.
Download ZIP
Limiting time machine bandwidth on my OSX Mavericks machine
Raw
_etc_ipfw.conf
# Step 1: Creates a pipe that only allows up to 1MB/s to go through.
pipe 1 config bw 1MByte/s
# Step 2: Add the pipe to uploads on port 548 (Standard AFP port, aka Time Machine)
add 1 pipe 1 dst-port 548
Raw
_Library_LaunchDaemons_com.beeftornado.ipfw.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST
1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.beeftornado.ipfw</string>
<key>ProgramArguments</key>
<array>
<string>/usr/local/bin/ipfwstartup.sh</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>UserName</key>
<string>root</string>
<key>GroupName</key>
<string>wheel</string>
<key>ServiceDescription</key>
<string>IPFW filter settings</string>
<key>StandardErrorPath</key>
<string>/var/log/ipfw.log</string>
<key>StandardOutPath</key>
<string>/var/log/ipfw.log</string>
</dict>
</plist>
Raw
_usr_local_bin_ipfwstartup.sh
#!/bin/sh
# Startup script for ipfw on Mac OS X
# Flush existing rules
/sbin/ipfw -f -q flush
# Silently drop unsolicited connections
/usr/sbin/sysctl -w net.inet.tcp.blackhole=2
/usr/sbin/sysctl -w net.inet.udp.blackhole=1
# Load the firewall ruleset
/sbin/ipfw -q /etc/ipfw.conf
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment