Sustainable Sustworks - Tools for Internet Travel
Inspired Tools for the Mac


IPNetSentryX ReadMe


1. Introduction
2. Features
3. System Requirements
4. Installation and Removal
5. How To Get Started
6. Version History
7. Registration and Licensing
8. Thank You! (contact information)

1. Introduction

IPNetSentryX is an advanced firewall intrusion detector, that includes detailed logging, Ethernet bridging, TCP rate limiting, traffic discovery, and bandwidth accounting.

Unlike most other Internet security products, IPNetSentry does not erect barriers for the safe use of your Internet connection. There is no need to "punch holes" in a firewall for specific applications you may wish to run. Instead, IPNetSentry silently and intelligently watches for suspicious behavior, and when triggered, invokes a solid filter which completely bans the potential intruder from your Macintosh.

If you prefer not to read detailed instructions, open the IPNetSentryX QuickStart ReadMe to begin using the software immediately.


2. Features

  • Provides intelligent protection without expert configuration.
  • Does not interfere with normal network operation or software.
  • Hierarchical filter rules are easy to understand, efficient, and offer exceptional control over network traffic.
  • Supports data content filtering to stop Internet worms.
  • Safely ignores promiscuous TCP resets.
  • Unique on screen updates show firewall rules in action.
  • Includes tools to identify the source of suspected intruders.
  • Flexible network event monitoring and Email notification.
  • Full Macintosh user interface makes these tools more accessible

The simple well organized display with built-in examples allow both new
and experienced Internet users to benefit from a powerful firewall intrusion detector.


3. IPNetSentryX System requirements

Version 1.3.1 Requires Mac OS X 10.2 (Jaguar) or later.
Version 1.4 Requires Mac OS X 10.3.9 (Panther) or later.
Version 1.7 Requires Mac OS X 10.4 (Tiger) or later.
Mac on Intel requires version 1.5 or later.
Mac OS X Leopard requires version 1.5.1 or later.

4. Installation and Removal

To install or remove the software, simply drag a copy to your hard drive. The first time IPNetSentryX is run it will ask you to authenticate to complete the installation process.

Under UNIX operating systems including Mac OS X, certain operations require special permission or privileges to prevent unauthorized users from disrupting or spying on other users. While well intentioned, these conventions are often inappropriate for a "personal" computer where a single user owns and administers the system. Among the operations that require such privileges are monitoring all network traffic.

IPNetSentryX takes the personal computer view that the user should normally be in control of their computer, so tries to minimize the disruption of asking the user to prove they are authorized to perform the requested operation.

To monitor network traffic, IPNetSentryX includes a tiny server application named "LoadNKE" that must run as suid root. When IPNetSentryX is first run after being copied to a new location, it checks to see if the LoadNKE tool is present and set to suid root. The same process is repeated for "RunTCPDump", and "RunTCPFlow". If any of these tools are not authorized, it asks you to authenticate so it can configure them to run as suid root. You might think of this as completing the installation process. From that point on, no further authentication is necessary to perform any of the restricted operations IPNetSentryX supports.

Normally allowing small programs to execute as root is not a problem unless the program seeks to compromise your system or is exploited by another program to carry out such an attack. The best defense against such exploits at this time is to only run software from reputable developers. IPNetSentryX takes advantage of Leopard Code signing to alert you of any unintended modifications to the software.

IPNetSentryX uses a Network Kernel Extension (NKE) to intercepts network traffic while the Firewall is enabled. When the firewall is disabled, the NKE module is automatically removed from the corresponding data stream. The NKE normally remains loaded until you restart your system since other applications might be using it. You can try forcing the NKE to unload by selecting "Unload NKE" from the IPNetSentryX application menu. This feature allows you to load a newer version of the NKE without restarting your system. The NKE will only unload when all monitoring connections to it have been stopped.

To remove the software, drag the IPNetSentryX application to the trash. If you wish to remove the supporting files installed with the software, you may drag /Library/Application Support/IPNetSentryX to the trash as well. This may ask you to authenticate since some of the helper tools have been configured to allow privileged operations and are "owned" by root. If you configured IPNetSentryX to launch as a Mac OS X startup item, you wish to stop that instance using Apple's Activity Monitor and remove the corresponding startup item file.


5. How to Get Started

If you prefer not to read detailed instructions, open the IPNetSentryX QuickStart ReadMe to begin using the software immediately.

To begin using IPNetSentryX, launch the application completing the installation process if necessary. An untitled firewall document appears containing the default firewall configuration. Use the disclosure triangles along the left side of the outline to examine any rules in more detail. Option-Expand will expand all the rules beneath a single item.

When you are ready, press "Apply" to load your firewall rules to the network kernel and select "Enable Firewall". Congratulations, you now have basic firewall protection. You can watch as network traffic matching a firewall rule is detected (select "Match Count" under the Parameter Popup) or check the Log to see suspected intruders being denied access. You can edit and "Apply" new rules at any time without restarting the firewall.

Of course there is much more you can do.

Help is available on the various tools and features from the Help menu. If you press Option-Help, the corresponding help file will open in your web browser which may be more convenient for browsing. This is probably the best way to familiarize yourself with the more advanced features of the software since you can experiment with the window while you read the description.

Notice some rules in the default configuration may be disabled. You can easily turn individual firewall rules on or off to experiment or satisfy more advanced requirements. To enable or disable individual firewall rules, use the corresponding checkbox in the left most column and press "Apply" to invoke your changes. You can save your customized settings as IPNetSentryX documents and invoke them automatically at login time or when your system starts up.

Once you are comfortable IPNetSentryX is working as desired, you can configure it to launch as a Mac OS X startup item outside the context of any user login. To do this drag the "" startup item in /Library/Application Support/IPNetSentryX/HelperTools to /Library/StartupItems. You can launch IPNetSentryX from the Finder and select "Tool->Expert View" to see the currently running firewall status. If you encounter difficulty, you can restart while pressing the Shift key to prevent startup items from loading and then remove IPNetSentryX from the /Library/StartupItems folder.


6. IPNetSentryX Version History

See "Release Notes" under IPNetSentryX Help for version history including the latest features and additions.


7. Registration and Licensing

IPNetSentryX is commercial software subject to the terms of the accompanying License Agreement. You may use a demo version of the software during a single trial period of up to 21 days. You must then register the software if you wish to continue using it beyond the trial period.

Notice the trial is designed to expire after 21 days. If the software reports it has expired the first time you launch it, this usually means someone ran a previous version of the program on your computer. Please contact us directly for information on how to reset the trial period.

Once you have downloaded the application, you can register it on-line at

A "registration key" that unlocks the trial period will be sent to you by email once your registration information is received. You can simply copy the text of this Email message to the clipboard (as if you were going to paste it into another application) and then launch the IPNetSentryX application, or paste into the "registration key" field of the registration window or demo startup dialog. Your program is now registered. Thank You!

Single User $60
Upgrade $30

Additional payment details are available on our registration web page at



8. Thank You!

We hope you find our IPNetSentryX software useful and look forward to your comments and suggestions.

Support help <>

or mail us at:

Sustainable Softworks
13 Fieldside DR
Cumberland, RI 02864 USA

[End of ReadMe]