I wanted to rewrite ports on incoming TCP packets (on OS X) on my host machine, so that a web server on a guest VM appears to be running on the host.
Incoming packets on port 80 should get rewritten to 8080, and incoming packets on port 443 should get rewritten to port 8443.
I asked about this on HipChat a few days ago and nobody seemed to know the answer. I recently found it, and so decided to share in case this is useful to anybody.
1: write the rules
Put these rules into a file called vagrant-web-packet-filtering.conf (the file that step 2 loads):
    loopback = "lo0"
    vm_web_http_port = "8080"
    vm_web_https_port = "8443"

    rdr inet proto tcp \
        from any to any \
        port http -> $loopback port $vm_web_http_port
    rdr inet proto tcp \
        from any to any \
        port https -> $loopback port $vm_web_https_port
2: activate them
    # enable packet filtering
    $ sudo pfctl -e
    # load the rules
    $ sudo pfctl -f vagrant-web-packet-filtering.conf
3: forward the ports in your Vagrantfile
    ...
    config.vm.network :forwarded_port, guest: 80, host: 8080
    config.vm.network :forwarded_port, guest: 443, host: 8443
    ...
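When you're done, disable these rules with the command below. Note that -F all flushes everything loaded into pf, not only these two redirects:

    $ sudo pfctl -F all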
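To confirm that step 2 took effect, and to see which interfaces the redirects cover, the loaded rules can be audited from `sudo pfctl -s nat`. The script below is an added example, not part of the original post: `check_rdr` is a hypothetical helper, the sample lines are constructed, and the printed rule layout (`port = 80 -> ADDR port 8080`, service shown by number or by name) is an assumption to compare against your own output.

```shell
#!/bin/sh
# Added example (not from the original post): audit loaded pf redirects.
# Assumed rule layout, as printed by `pfctl -s nat`:
#   rdr [on IF] inet proto tcp from any to any port = 80 -> ADDR port 8080

# check_rdr SRC_PORT SRC_NAME DST_PORT   (reads `pfctl -s nat` output on stdin)
# Prints "missing", "all-interfaces" (no `on` clause), or "on <interface>".
check_rdr() {
    awk -v n="$1" -v s="$2" -v d="$3" '
        $1 == "rdr" {
            src = ""; dst = ""; ifc = ""; arrow = 0
            for (i = 2; i <= NF; i++) {
                if ($i == "->") arrow = 1
                else if ($i == "on" && !arrow) ifc = $(i + 1)
                else if ($i == "port" && !arrow) {
                    src = $(i + 1)
                    if (src == "=") src = $(i + 2)   # skip the "=" operator
                }
                else if ($i == "port" && arrow) dst = $(i + 1)
            }
            # pfctl may print the service by number (80) or by name (http)
            if ((src == n || src == s) && dst == d) {
                found = 1
                print (ifc == "" ? "all-interfaces" : "on " ifc)
                exit
            }
        }
        END { if (!found) print "missing" }
    '
}

# Constructed sample output, not captured from a real host.
SAMPLE='rdr inet proto tcp from any to any port = 80 -> 127.0.0.1 port 8080
rdr inet proto tcp from any to any port = 443 -> 127.0.0.1 port 8443'

# On the host itself, replace the printf with: sudo pfctl -s nat
for spec in "80 http 8080" "443 https 8443"; do
    set -- $spec
    echo "$1 -> $3: $(printf '%s\n' "$SAMPLE" | check_rdr "$1" "$2" "$3")"
done
```

A result of `all-interfaces` means the rule has no `on` clause, so it also redirects connections arriving from the network; `missing` means the rule file was not loaded or has since been flushed.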