Mac OSX (Snow Leopard) – Firewall blocking DHCP
Rob | June 5, 2010I’ve recently decided on a bit of a change and bought a Mac. A 13″ Mac Book Pro to be exact. It’s been a bit of a learning experience which has been quite nice after using Microsoft Windows since 3.1.
Anyway, after a few months I started experiencing issues with my Trackpad, the physical click was only working intermittently. I took the laptop into my local Apple store after making an appointment with a ‘Genius’. Unfortunately this was the week of the iPad release meanining I had to avoid the high fives on the walk in. Cutting a long story short, the ‘genius’ replaced the Trackpad… Sorted.
When I got the laptop home, I realised I couldn’t obtain a DHCP address from my router (wired or wireless ruling out a hardware issue in my mind). Following some troubleshooting I found that I could obtain an address when the firewall was disabled. Given that I didn’t want to disable the firewall every time I wanted to lease an IP address, I did a little more research. It appears when the ‘genius’ had replaced the Trackpad, the system clock had been reset to 01 Jan 2000 which caused an issue with the digital signing of certain binaries (krb5dc and nmbd in my instance).
To resolve the issue, I simply restored these files from a Time Machine backup I had taken before I let an Apple ‘genius’ loose with my laptop.
If you’re not lucky enough to have a backup of these system files, my advice would be to add them to your firewall exclusions through System Preferences –> Security –> Firewall –> Advanced – Navigate to the /usr/sbin/krb5dc and /usr/sbin/nmbd then select ‘allow incoming connections’. You may also need to repeat this for /usr/sbin/mDNSresponder. As always, don’t forget to restart your device to ensure it works.
If you’re experiencing similar issues, give it a go. I am by no means a Mac expert having used one for a few months, but it was simple enough.
Many, many, many thanks. Seriously, I can’t thank you enough. I was ready to pull my hair out over DHCP being obstructed by my firewall. I was looking everywhere for instructions on which files to specifically create a firewall exception for, how to do so and where to locate these files.
For some reason (Apple not trusting their users I guess?) it’s impossible to search for items located in hidden folders in the search panel within the exception-adding tool in System Preferences. The workaround is to simply navigate to the /usr/sbin folder using the Finder’s “Go to Folder” functionality, then drag-and-drop the required files into the firewall exceptions list.
In my case, I had to reboot my machine (2010 13″ MBP, Snow Leopard) for the exceptions to become effective.
How did I get myself into this situation? My system clock got reset to Jan 1st, 2001. (I’m too embarassed to admit that I let my battery run completely flat). Tried to connect to Wi-Fi and/or Ethernet before setting the clock, and voilà, everything went pear-shaped.
The one take-away is: Set the system clock before connecting to any Wi-Fi and/or Ethernet!