@benubois
Created September 13, 2012 22:53
Enable and disable the pow firewall rule for Cisco AnyConnect
#!/usr/bin/env bash

# Set up the environment.
set -e
POW_ROOT="$HOME/Library/Application Support/Pow"
POW_CURRENT_PATH="$POW_ROOT/Current"
POW_VERSIONS_PATH="$POW_ROOT/Versions"
POWD_PLIST_PATH="$HOME/Library/LaunchAgents/cx.pow.powd.plist"
FIREWALL_PLIST_PATH="/Library/LaunchDaemons/cx.pow.firewall.plist"

# Read the firewall plist, if possible, to figure out what ports are in use.
if [[ -e "$FIREWALL_PLIST_PATH" ]]; then
    ports=($(ruby -e'puts $<.read.scan(/fwd .*?,([\d]+).*?dst-port ([\d]+)/)' "$FIREWALL_PLIST_PATH"))
    HTTP_PORT=${ports[0]}
    DST_PORT=${ports[1]}
fi

# Assume reasonable defaults otherwise.
[[ -z "$HTTP_PORT" ]] && HTTP_PORT=20559
[[ -z "$DST_PORT" ]] && DST_PORT=80

case $1 in
    "enable")
        # Add the forwarding rule and turn on IP forwarding; both commands need root.
        sudo ipfw add fwd 127.0.0.1,"$HTTP_PORT" tcp from any to me dst-port "$DST_PORT" in && sudo sysctl -w net.inet.ip.forwarding=1
        ;;
    "disable")
        # Try to find the ipfw rule and delete it.
        RULE=$(sudo ipfw show | (grep ",$HTTP_PORT .* dst-port $DST_PORT in" || true) | cut -f 1 -d " ")
        if [[ -n "$RULE" ]]; then
            sudo ipfw del "$RULE"
        fi
        ;;
    *)
        echo "Usage pow <action>"
        echo ""
        echo " enable"
        echo " disable"
        ;;
esac
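
An added example, not part of the original gist: the rule lookup from the disable branch written as a function and run over constructed `ipfw show` output. It compares the whole rule body, so a forward to another address or destination port is skipped and every duplicate of the Pow rule is returned; `find_pow_rules` and the sample lines are assumptions made for illustration.

```shell
# Constructed `ipfw show` output (not captured from a real machine).
# Columns: rule number, packet count, byte count, rule body.
SAMPLE_IPFW_SHOW='00100   12   3456 fwd 127.0.0.1,20559 tcp from any to me dst-port 80 in
00200    0      0 fwd 127.0.0.1,20559 tcp from any to me dst-port 8080 in
00300    4    512 fwd 10.0.0.5,20559 tcp from any to me dst-port 80 in
00400    7    900 fwd 127.0.0.1,20559 tcp from any to me dst-port 80 in
65535  981  77120 allow ip from any to any'

# find_pow_rules HTTP_PORT DST_PORT   (hypothetical helper)
# Reads `ipfw show` output on stdin and prints the number of every rule whose
# body is exactly the forward added by the enable action, one number per line.
find_pow_rules() {
    awk -v http="$1" -v dst="$2" '
        NF >= 4 {
            # Rebuild the rule body from field 4 onward, skipping the counters.
            body = $4
            for (i = 5; i <= NF; i++) body = body " " $i
            want = "fwd 127.0.0.1," http " tcp from any to me dst-port " dst " in"
            # Exact comparison: no partial match on address or port.
            if (body == want) print $1
        }'
}

# Dry run over the sample: show the delete command for each matching rule.
printf '%s\n' "$SAMPLE_IPFW_SHOW" | find_pow_rules 20559 80 |
while read -r rule; do
    echo "would run: sudo ipfw del $rule"
done
```

On a live system the function would read from `sudo ipfw show` instead of the sample variable, and each returned number would be passed to `sudo ipfw del`.
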
@cliftonlabrum

Forgive my ignorance, but is the above something one should execute once as a bash script, or is this to be added to ~/.powconfig or something?

@cliftonlabrum

Disregard. I got it to work. :)

@bbohling

What did you do to get it to work?

@cliftonlabrum

Here's what I did:

  1. Save the above code to pow.sh
  2. In Terminal, browse to where you saved that script.
  3. Then type ./pow.sh disable

@cliftonlabrum

It seems I have to do this every time I reboot my computer, though. Is there a permanent way to delete the ipfw rule?

@weyus

weyus commented Oct 2, 2014

Wait, is this to allow the firewall rule to work alongside Cisco AnyConnect (which seems to disable it by default), or is there some other purpose?

@andreineculau

Hmm, ipfw got removed in Yosemite.
