Skip to content

Instantly share code, notes, and snippets.

@ryanzhou

ryanzhou/pf.md

Last active October 21, 2019 03:52
Show Gist options
  • Save ryanzhou/8adca7038639f0f5fb0e to your computer and use it in GitHub Desktop.
Save ryanzhou/8adca7038639f0f5fb0e to your computer and use it in GitHub Desktop.
Download ZIP
Getting Pow to work in OS X Yosemite
Raw
pf.md

Getting Pow to work in OS X Yosemite

Some parts taken from: https://gist.github.com/kujohn/7209628

ipfw is officially deprecated and removed in OS X Yosemite. Pow requires another program pf to handle the port forwarding.

1. Anchor file

Create file /etc/pf.anchors/pow

rdr pass on lo0 inet proto tcp from any to 127.0.0.1 port = 80 -> 127.0.0.1 port 20559

Note: Trailing line break is important.

2. Reference anchor in pf.conf

Insert rdr-anchor "pow" and load anchor "pow" from "/etc/pf.anchors/pow" at correct places in /etc/pf.conf, so that it looks like this:

scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
rdr-anchor "pow"  # Pow port forwarding
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"
load anchor "pow" from "/etc/pf.anchors/pow"  # Pow port forwarding

3. Enabling pf

Note: In newer versions of Yosemite Developer Preview, it seems that pf is enabled automatically on boot.

You can enable pf manually via sudo pfctl -ef /etc/pf.conf

However, to enable pf automatically after every boot, save the following as /System/Library/LaunchDaemons/com.apple.pfctl.plist:

<key>ProgramArguments</key>
<array>
<string>pfctl</string>
<string>-e</string>
<string>-f</string>
<string>/etc/pf.conf</string>
</array>
@koenpunt
Copy link

@pattulus revert the changes you've already done and replace the ipfw add fwd 127.0.0.1.... in /Library/LaunchDaemons/cx.pow.firewall.plist with the following:

echo "rdr pass on lo0 inet proto tcp from any to any port 80 -> 127.0.0.1 port 20559" | pfctl -a 'com.apple/250.PowFirewall' -f - -E

After an reboot you'll be up and running.

Or the complete file contents:

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>Label</key>
        <string>cx.pow.firewall</string>
        <key>Program</key>
        <string>/bin/sh</string>
        <key>ProgramArguments</key>
        <array>
                <string>sh</string>
                <string>-c</string>
                <string>echo "rdr pass on lo0 inet proto tcp from any to any port 80 -> 127.0.0.1 port 20559" | pfctl -a "com.apple/250.PowFirewall" -f - -E</string>
        </array>
        <key>RunAtLoad</key>
        <true/>
        <key>UserName</key>
        <string>root</string>
</dict>
</plist>

@esambo
Copy link

esambo commented Oct 18, 2014

Pow 0.5.0 has it fixed

@craigquincy
Copy link

Perfect, thanks!

@jmaddi
Copy link

jmaddi commented Jan 3, 2015

By the way, if you are using the app SelfControl it can cause similar symptoms. If you need to fix it instantly, comment out the lines:

anchor "org.eyebeam"
load anchor "org.eyebeam" from "/etc/pf.anchors/org.eyebeam"

then restart pf.

@mhui
Copy link

mhui commented Mar 21, 2015

Works. Thank you!

@jaredatron
Copy link

This worked for me. Thank you!

@jakeatwork
Copy link

@jmaddi - brilliant! forgot all about that app. i can wait the remaining 1hr 47 min. :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment