0

I'm in the midst of moving from one Mac laptop to another. I decided to start from scratch and install everything by hand to avoid the cruft I accumulated over the years. My old laptop is on Yosemite 10.10.2 (upgraded from 10.8), the new one on 10.10.3.

In Dec 2012 I bought a Canon MG6250 and with the software installed (MP Navigation EX v5.0) I'm able to press a button on the printer and the page is scanned and automatically sent to the chosen computer (my laptop).

I have the functionality working on both laptops, but on the old it works fully automatically, on the new the firewall keeps asking for permission even though the application is in the list of the firewall. And it's not in the firewall list on the old laptop!

I've tried rebooting the new laptop, I've added the MP Navigator EX 5.0 Opener app to the firewall, but nothing works. All settings in the Security Pane are the same on both laptops.

I've looked through similar posts everywhere, but they either discuss the firewall of an old OSX version or they check the code signature. I wonder if that's a valid approach here since (a) the software predates any code signature requirements (versions of december 2012 and september 2013) and (b) it works correctly on my old laptop.

I noticed that the name of the application on file (MP Navigator EX) is slightly different than the name it mentions in the warning (MP Navigator EX 5.0), but I could not rename the application to a name containing the version.

More tinkering shows that when I'm able to rename the application, the functionality stops working, because the path is hardcoded somewhere. I've also set the gatekeeper to accept all applications, but no effect. I've even tested if I switch the firewall off, start a scan and switch the firewall on again.

I've tested the signature with codesign --verify -vv /Applications/..... and this application doesn't have a signature at all.

hepabolu
  • 111
  • 3
  • *"...or they check the code signature. I wonder if that's a valid approach here..."* So, did you try? It's easily done; it takes us longer to read your question. – Arjan May 31 '15 at 14:41
  • possible duplicate of [How do I stop my Mac from asking to accept incoming network connections?](http://superuser.com/questions/912656/how-do-i-stop-my-mac-from-asking-to-accept-incoming-network-connections) – Arjan May 31 '15 at 14:43
  • @Arjan, I've edited my question to show there's no signature, as mentioned in the other post. – hepabolu May 31 '15 at 15:08

1 Answers1

1

Not sure what exactly happened (i.e. which of the steps I took did the trick), but it looks like I've solved the problem.

Reading several blog posts:

I found that 'socketfilterfw' is the commandline version that drives the list in the System Preferences pane.

The second URL shows the current list of options, valid under Yosemite. The first one uses options that are not valid anymore in Yosemite.

This is what I did:

cd /usr/libexec/ApplicationFirewall
sudo ./socketfilterfw --add "/Applications/Canon\ Utilities/MP\ Navigator\ 5.0.app"
sudo ./socketfilterfw --unblockapp "/Applications/Canon\ Utilities/MP\ Navigator\ 5.0.app"

Finally, I rebooted the laptop.

Now, the application is not visible in the list of apps, but it does work.

I haven't found the meaning of the -T, -U, -B and -L options.

Hope this helps somebody in the future.

hepabolu
  • 111
  • 3