Skip to content

Instantly share code, notes, and snippets.

Created January 7, 2016 15:05
What would you like to do?
OS X Redirect ports 80 and 443 to 8080 and 8443 respectively

Changes with .dev domains in mind.

Create /etc/pf.anchors/dev, containing:

rdr pass inet proto tcp from any to any port 80 -> port 8080
rdr pass inet proto tcp from any to any port 443 -> port 8443

Edit /etc/pf.conf. After rdr-anchor "*" insert rdr-anchor "dev" (on its own line). After load anchor "" from "/etc/pf.anchors/" insert load anchor "dev" from "/etc/pf.anchors/dev" (again on its own line). It'll look something like this:

scrub-anchor "*"
nat-anchor "*"
rdr-anchor "*"
rdr-anchor "dev"
dummynet-anchor "*"
anchor "*"
load anchor "" from "/etc/pf.anchors/"
load anchor "dev" from "/etc/pf.anchors/dev"

Test the config:

sudo pfctl -v -n -f /etc/pf.conf

Then reload:

sudo pfctl -ef /etc/pf.conf
Copy link

Dobika commented Aug 10, 2018


Thank your for this gist. Is it possible to make pfctl permanent? I have to run it every startup.

Copy link

@Dobika, I haven't tried this yet, but this guy has a recommended solution that uses the vagrant-triggers plugin:

Copy link

Dobika commented Sep 17, 2018

Thank you @immersiontravis, I'll look into it!

Copy link

There's no need to tamper the pf.conf itself, you can create a custom one.
touch /etc/pf-anything.conf

Copy link

xoryves commented Nov 1, 2021

There is no need to edit /etc/pf.conf. It seems it is even discouraged to do this.
Running sudo pfctl -a '' -f /etc/pf.anchors/dev -e works for me.

To enable pf and load the custom anchor at startup just copy /System/Library/LaunchDaemons/ to /Library/LaunchDaemons/dev.pfctl.plist and replace the ProgramArguments with:


Enable with sudo launchctl load /Library/LaunchDaemons/dev.pfctl.plist.

Worked for me with macOS 11.6 and has survived upgrade to 12.0.1.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment