🖕com.checkpoint.cpfw
Ok, this one is another from the "Hard Headache" series.
If you can’t ping your own computer (macbook in my case) in your private network but you can access any other device from that computer, keep reading...
tl;dr: The problem might be with com.checkpoint.cpfw which is macOS’s kernel extension of the Check Point Endpoint Security VPN for macOS. To be sure run this command in your terminal kextstat -kl | awk ' !/apple/ { print $6 } '
This gives you list of all 3rd party kernel extensions and if the com.checkpoint.cpfw is one of it, it's most likely blocking your network access. To remove it call sudo /Library/Application\ Support/Checkpoint/Endpoint\ Connect\uninstall.
Long story:
Today I tried to connect to my macbook from my smartTV for some reason and I was getting errors. So, I tried to connect to the laptop from my iPhone and I couldn't too. Even ping didn't work. Which was weird - everything was whitelisted, the router was correctly setup, no firewall, no blocked ports, no other things that could block it. I even could ping any device in the network from that macbook.
The biggest mistery was that my phone could see the macbook but the ping was failing. I kept running the ping while I ran the sudo tcpdump -i en1 dst host 192.168.1.20 on my macbook and I could see the ping packets! This command tells you about every incoming packet - so if I can see the ping packets but I can't ping, something has to block transmission in my computer.
After hours of practicing google-fu I finally tried to list all kernel extensions: kextstat -kl | awk ' !/apple/ { print $6 } '. The com.checkpoint.cpfw was first in the list and I started to be suspicious. WTF is that, I've never heard of it. This thing is so hidden that you don't even see it in running processes. When I google it I was told it's related to VPN. That was smelly and I recalled I installed some VPN tool ages ago in order to connect to one of my client's VPN. Installing this software was the only option how to get there - it was Microsoft VPN and I had to get there from macOS. After another hour I was able to locate its files and how to remove them from the system by calling simple sudo /Library/Application\ Support/Checkpoint/Endpoint\ Connect\uninstall. Right after the removal the ping started working again.
I remember I uninstalled this software when I didn't need it anymore. But the b!7c# obviously stayed hidden in my system.
Stay away from Check Point Endpoint Security VPN for macOS!















