Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
OS X Redirect ports 80 and 443 to 8080 and 8443 respectively

Changes with .dev domains in mind.

Create /etc/pf.anchors/dev, containing:

rdr pass inet proto tcp from any to any port 80 -> 127.0.0.1 port 8080
rdr pass inet proto tcp from any to any port 443 -> 127.0.0.1 port 8443

Edit /etc/pf.conf. After rdr-anchor "com.apple/*" insert rdr-anchor "dev" (on its own line). After load anchor "com.apple" from "/etc/pf.anchors/com.apple" insert load anchor "dev" from "/etc/pf.anchors/dev" (again on its own line). It'll look something like this:

scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
rdr-anchor "dev"
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"
load anchor "dev" from "/etc/pf.anchors/dev"

Test the config:

sudo pfctl -v -n -f /etc/pf.conf

Then reload:

sudo pfctl -ef /etc/pf.conf
@Haarolean
Copy link

Haarolean commented Jun 8, 2019

There's no need to tamper the pf.conf itself, you can create a custom one.
touch /etc/pf-anything.conf

@xoryves
Copy link

xoryves commented Nov 1, 2021

There is no need to edit /etc/pf.conf. It seems it is even discouraged to do this.
Running sudo pfctl -a 'com.apple/dev' -f /etc/pf.anchors/dev -e works for me.

To enable pf and load the custom anchor at startup just copy /System/Library/LaunchDaemons/com.apple.pfctl.plist to /Library/LaunchDaemons/dev.pfctl.plist and replace the ProgramArguments with:

	<key>ProgramArguments</key>
	<array>
		<string>pfctl</string>
		<string>-a</string>
		<string>com.apple/dev</string>
		<string>-f</string>
		<string>/etc/pf.anchors/dev</string>
		<string>-e</string>
	</array>

Enable with sudo launchctl load /Library/LaunchDaemons/dev.pfctl.plist.

Worked for me with macOS 11.6 and has survived upgrade to 12.0.1.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment