Last active
November 29, 2016 10:16
-
-
Save raupachz/3c0ce9eb24c6e07517b13149674371d8 to your computer and use it in GitHub Desktop.
pf with macOS Sierra
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# About | |
macOS Sierra ships with PF (Packet Filter, also written pf) a BSD licensed stateful packet filter, | |
a central piece of software for firewalling. It is comparable to netfilter (iptables), ipfw and ipfilter. | |
[quoted from wikipedia] | |
We need Apache Tomcat for development. It run uses the standard unprivileged 8080 and 8443 ports. | |
To make development easier we set up port forwarding. | |
# Port Forwarding on macOS Sierra | |
Apache Tomcat used | |
Create a anchor file "tomcat" in /etc/pf.anchors and add two lines: | |
rdr pass on lo0 inet proto tcp from any to any port = 80 -> 127.0.0.1 port 8080 | |
rdr pass on lo0 inet proto tcp from any to any port = 443 -> 127.0.0.1 port 8443 | |
Next we need a pfctl config file in /etc/pf-tomcat.conf | |
rdr-anchor "forwarding" | |
load anchor "forwarding" from "/etc/pf.anchors/tomcat" | |
To enable and disable port forwarding we use the following commands: | |
sudo pfctl -ef /etc/pf-tomcat.conf | |
sudo pfctl -df /etc/pf-tomcat.conf | |
-e for enable and -d for disable. The -f is used to flush. | |
# References | |
+ https://en.wikipedia.org/wiki/PF_%28firewall%29 | |
+ https://www.openbsd.org/faq/pf/ | |
+ http://blog.brianjohn.com/forwarding-ports-in-os-x-el-capitan.html | |
+ http://blog.scottlowe.org/2013/05/15/using-pf-on-os-x-mountain-lion/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment