A server can become unreachable for remote administration due to an error with the firewall configuration. In such a case, you must reset the firewall to its default state so Server Admin can access the server.
This recovery procedure requires you to use the command-line interface and must be done by an administrator who has physical access to the server.
To reset the firewall to its default setting:
- Disconnect the server from the Internet.
- Restart the server in single-user mode by holding down the Command–s keys during startup.
- Remove or rename the address groups file found at /etc/ipfilter/ip_address_groups.plist.
- Remove or rename the ipfw configuration file found at /etc/ipfilter/ipfw.conf.
- Force-flush the firewall rules by entering the following in Terminal:
- Edit the /etc/hostconfig file and set IPFILTER=-YES-.
- Complete the startup sequence in the login window by entering exit:
the computer starts up with the default firewall rules and firewall enabled. Use Server Admin to refine the firewall configuration. - Log in to your server’s local administrator account to confirm that the firewall is restored to its default configuration.
- Reconnect your host to the Internet.
$ ipfw -f flush