Skip to content

Instantly share code, notes, and snippets.

@gquittet

gquittet/macOS-native-proxy.md

Last active October 5, 2020 12:25
Show Gist options
  • Save gquittet/19d0d98c59424fb688183c7a454542f0 to your computer and use it in GitHub Desktop.
Save gquittet/19d0d98c59424fb688183c7a454542f0 to your computer and use it in GitHub Desktop.
Download ZIP
macOS-native-proxy
Raw
macOS-native-proxy.md

macOS native proxy

Add this to /etc/hosts

192.168.0.X dev.mydomain.com

Example

192.168.0.4 dev.supersite.com

Add the host to loopback

sudo ifconfig lo0 192.168.0.X alias

Example

sudo ifconfig lo0 192.168.0.4 alias

Create an exception file /etc/pf.anchors/myfile

Example

/etc/pf.anchors/com.myworld

Write an exception inside it

rdr pass on lo0 inet proto tcp from 192.168.0.X to self port 80 -> 127.0.0.1 port XXXX

Example

rdr pass on lo0 inet proto tcp from 192.168.0.4 to self port 80 -> 127.0.0.1 port 8081

Add an exception in /etc/pf.conf

  1. Add rdr-anchor below the rdr-anchor of Apple
rdr-anchor "com.apple/*"
rdr-anchor "port80"
  1. Add load anchor below the Apple one
load anchor "port80" from "/etc/pf.anchors/com.myworld"

Exception

If macOS refuse to forwards IPs you can enable IP forwarding with:

sudo sysctl net.inet.ip.forwarding=1

How to test your configuration

Simply run:

sudo pfctl -ef /etc/pf.conf

How to update configuration

sudo pfctl -f /etc/pf.conf
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment