Changes with .dev
domains in
mind.
Create /etc/pf.anchors/dev
, containing:
rdr pass inet proto tcp from any to any port 80 -> 127.0.0.1 port 8080
rdr pass inet proto tcp from any to any port 443 -> 127.0.0.1 port 8443
Edit /etc/pf.conf
. After rdr-anchor "com.apple/*"
insert rdr-anchor "dev"
(on its own line). After load anchor "com.apple" from "/etc/pf.anchors/com.apple"
insert load anchor "dev" from "/etc/pf.anchors/dev"
(again on its own line). It'll look something like this:
scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
rdr-anchor "dev"
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"
load anchor "dev" from "/etc/pf.anchors/dev"
Test the config:
sudo pfctl -v -n -f /etc/pf.conf
Then reload:
sudo pfctl -ef /etc/pf.conf
There is no need to edit
/etc/pf.conf
. It seems it is even discouraged to do this.Running
sudo pfctl -a 'com.apple/dev' -f /etc/pf.anchors/dev -e
works for me.To enable pf and load the custom anchor at startup just copy
/System/Library/LaunchDaemons/com.apple.pfctl.plist
to/Library/LaunchDaemons/dev.pfctl.plist
and replace the ProgramArguments with:Enable with
sudo launchctl load /Library/LaunchDaemons/dev.pfctl.plist
.Worked for me with macOS 11.6 and has survived upgrade to 12.0.1.