I tested on 10.8.5 and /private/etc/hosts.allow is working as described in here.
I don't use pf but found this may be helpful.
It works on 10.6 but I can get it to work on 10.8. tcpd is removed from 10.8.
To be sure, I just tested again, It does not work, IP addresses are not blocked.
Under 10.6 it does work.
I had found the site of krypted, but just too cryptic for me.
10.8.5 has no more tcpd
If you type man tcpd ( terminal ) what is the response?
On 10.8.5 I get: No manual for tcpd
Yes, you are right, there is no tcpd in my 10.8.5 too.
and I really think yesterday I saw the connection is rejected once, but today I can't see it...
I use OSX Server, but there may not be any difference.
Sorry for useless post.
I found a doc 'OS X Server: How to enable the adaptive firewall'
according to this, I could block an IP using
sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -a xx.xx.xx.xx -t 3
but it seems after 3 or 5 minutes the ip continue blocked. Then I stop pf by
sudo pfctl -d
to enable connection.
1) Edit /etc/pf.conf
sudo vi /etc/pf.conf
2) Add these at bottom
block from xx.xx.xx.xx to any
3) start pf
sudo pfctl -f /etc/pf.conf
sudo pfctl -e
Then the ip is blocked, but 'PF will not be automatically enabled' (written in pf.conf) so some more work is need.
Maybe we can to configre Server.app, I found this http://support.apple.com/kb/PH15528
Then when the firewall is recognized ,it seems to posible to edit files:
(Not yet test it)
Disadvantage is that an attacker can still do 10 login attempts before block fore some time.
I will search if it is possible to block IP address with the Server.app.
Please continue to find a solution
I missed that 2nd step in
enabling pf, not af.
So, add it as
5) 'Edit /System/Library/LaunchDaemons/com.apple.pfctl.plist so that pfctl(8) is invoked with the -e flag.'
I can't test now not having a mac rebootable.
If this works, 3) and 4) is not need, ofcourse.
af seems a part of Server.app , but pf is not. If so, the 5 steps can be applied on OSX without Server.
Yes, it is better not to use the Server.app, Filemaker Server 13 don't allow the Server.app ( except with some modification )
I have to find time to test it.
Of course, Contribution of an expert is appreciated