Skip to content

Instantly share code, notes, and snippets.

@ryanzhou

ryanzhou/pf.md

Last active October 21, 2019 03:52
Show Gist options
  • Star 53 You must be signed in to star a gist
  • Fork 8 You must be signed in to fork a gist
  • Save ryanzhou/8adca7038639f0f5fb0e to your computer and use it in GitHub Desktop.
Save ryanzhou/8adca7038639f0f5fb0e to your computer and use it in GitHub Desktop.
Download ZIP
Getting Pow to work in OS X Yosemite
Raw
pf.md

Getting Pow to work in OS X Yosemite

Some parts taken from: https://gist.github.com/kujohn/7209628

ipfw is officially deprecated and removed in OS X Yosemite. Pow requires another program pf to handle the port forwarding.

1. Anchor file

Create file /etc/pf.anchors/pow

rdr pass on lo0 inet proto tcp from any to 127.0.0.1 port = 80 -> 127.0.0.1 port 20559

Note: Trailing line break is important.

2. Reference anchor in pf.conf

Insert rdr-anchor "pow" and load anchor "pow" from "/etc/pf.anchors/pow" at correct places in /etc/pf.conf, so that it looks like this:

scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
rdr-anchor "pow"  # Pow port forwarding
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"
load anchor "pow" from "/etc/pf.anchors/pow"  # Pow port forwarding

3. Enabling pf

Note: In newer versions of Yosemite Developer Preview, it seems that pf is enabled automatically on boot.

You can enable pf manually via sudo pfctl -ef /etc/pf.conf

However, to enable pf automatically after every boot, save the following as /System/Library/LaunchDaemons/com.apple.pfctl.plist:

<key>ProgramArguments</key>
<array>
<string>pfctl</string>
<string>-e</string>
<string>-f</string>
<string>/etc/pf.conf</string>
</array>
@patrickwelker
Copy link

I'm getting the same error as @liquid. The thing is, it used to work just a couple of weeks ago.

That's why I'm positive it is not a trailing line break issue (… at least for me). I set the fix up starting from scratch just to be sure, but sudo pfctl -ef /etc/pf.conf still gives the ALTQ warning.

Besides that I also get the infamous self-test fail message:

*** Performing self-test...
!!! Couldn't find a running Pow server on port 20559

And of course the devastating X when trying to launch my app:

pow-fail

Any help is appreciated. It would be cool to have pow working again.

@chrise86
Copy link

@pattulus I'm having the same problem, did you manage to fix it?

@patrickwelker
Copy link

@chrise86 Yes. I just got it… despite of posting a panic question at this issue thread (Yosemite Support #452).

First I added the correct network adapters names:

rdr pass on lo0 inet proto tcp from any to 127.0.0.1 port = 80 -> 127.0.0.1 port 20559
rdr pass on en0 inet proto tcp from any to any port 80 -> 127.0.0.1 port 20559
rdr pass on en1 inet proto tcp from any to any port 80 -> 127.0.0.1 port 20559
rdr pass on en2 inet proto tcp from any to any port 80 -> 127.0.0.1 port 20559

… then still nothing worked until I found out that I had a messed up "Hosts" SymLink in ~/Library/Application Support/Pow. It's now running again. So if you tinker a lot in your files, definitely check if that folder is symlinked to ~/.pow.

@koenpunt
Copy link

@pattulus revert the changes you've already done and replace the ipfw add fwd 127.0.0.1.... in /Library/LaunchDaemons/cx.pow.firewall.plist with the following:

echo "rdr pass on lo0 inet proto tcp from any to any port 80 -> 127.0.0.1 port 20559" | pfctl -a 'com.apple/250.PowFirewall' -f - -E

After an reboot you'll be up and running.

Or the complete file contents:

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>Label</key>
        <string>cx.pow.firewall</string>
        <key>Program</key>
        <string>/bin/sh</string>
        <key>ProgramArguments</key>
        <array>
                <string>sh</string>
                <string>-c</string>
                <string>echo "rdr pass on lo0 inet proto tcp from any to any port 80 -> 127.0.0.1 port 20559" | pfctl -a "com.apple/250.PowFirewall" -f - -E</string>
        </array>
        <key>RunAtLoad</key>
        <true/>
        <key>UserName</key>
        <string>root</string>
</dict>
</plist>

@esambo
Copy link

esambo commented Oct 18, 2014

Pow 0.5.0 has it fixed

@craigquincy
Copy link

Perfect, thanks!

@jmaddi
Copy link

jmaddi commented Jan 3, 2015

By the way, if you are using the app SelfControl it can cause similar symptoms. If you need to fix it instantly, comment out the lines:

anchor "org.eyebeam"
load anchor "org.eyebeam" from "/etc/pf.anchors/org.eyebeam"

then restart pf.

@mhui
Copy link

mhui commented Mar 21, 2015

Works. Thank you!

@jaredatron
Copy link

This worked for me. Thank you!

@jakeatwork
Copy link

@jmaddi - brilliant! forgot all about that app. i can wait the remaining 1hr 47 min. :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment