norio-nomura/Setup transparent proxy with VMware Fusion.md

## Setup transparent proxy with VMware Fusion.md

      
    Raw
  

              Setup transparent proxy with VMware Fusion.md
            
          
    Setup transparent proxy with VMware Fusion


Add network (vmnet3) to VMware Fusion

sudo vi /Library/Preferences/VMware\ Fusion/networking
 answer VNET_1_HOSTONLY_SUBNET 172.16.92.0
 answer VNET_1_VIRTUAL_ADAPTER yes
 answer VNET_1_VIRTUAL_ADAPTER_ADDR 172.16.92.1
+answer VNET_3_DHCP yes
+answer VNET_3_DHCP_PARAM_DNS_ADDR 172.16.12.1
+answer VNET_3_DHCP_PARAM_ROUTERS 172.16.12.1
+answer VNET_3_HOSTONLY_NETMASK 255.255.255.0
+answer VNET_3_HOSTONLY_SUBNET 172.16.12.0
+answer VNET_3_NAT yes
+answer VNET_3_VIRTUAL_ADAPTER yes
+answer VNET_3_VIRTUAL_ADAPTER_ADDR 172.16.12.1
 answer VNET_8_DHCP yes
 answer VNET_8_DHCP_CFG_HASH 233D9DA58316AF2F99389DF3E1C86B1A08F9D28A
 answer VNET_8_HOSTONLY_NETMASK 255.255.255.0

sudo /Applications/VMware\ Fusion.app/Contents/Library/vmnet-cli --configure
sudo /Applications/VMware\ Fusion.app/Contents/Library/vmnet-cli --start


Setup dnsmasq as DNS server on vmnet3

brew install dnsmasq
mkdir -p /usr/local/var/dnsmasq
In /usr/local/etc/dnsmasq.conf add:
# Interface
interface=vmnet3
except-interface=lo0
listen-address=172.16.12.1

# DNS server
# Never forward plain names (without a dot or domain part)
domain-needed
# Never forward addresses in the non-routed address spaces.
bogus-priv
# Never poll /etc/resolv.conf for changes
no-poll


sudo brew services start dnsmasq


Enable ip forwarding and NAT

In /etc/sysctl.config add:
net.inet.ip.forwarding=1


sudo sysctl net.inet.ip.forwarding=1
In/etc/pf.conf under rdr-anchor “com.apple/*” add:
nat on en1 proto {tcp, udp} from 172.16.12.0/24 to any -> (en1)
rdr on vmnet3 inet proto tcp from any to any port 80 -> 127.0.0.1 port 8888
rdr on vmnet3 inet proto tcp from any to any port 443 -> 127.0.0.1 port 8888
pass from {lo0, 172.16.12.0/24} to any keep state


sudo pfctl -ef /etc/pf.conf