The only way is to tinker with the System Integrity Protection settings: boot into recovery mode and launch terminal. Open (with sudo) System/Library/LaunchDaemons/ and look for this: Īnd add the line -e to ultimately make it like this: Ĭaveat: Apple no longer allows to change the launch demon files just like that (not with sudo, nor chmod, nor anything else). Now, if you need this happen automatically after every restart, another tiny bit of work needs to be done: the launch daemon for pfctl needs to be updated (the referenced gist mentions that pf is enabled automatically on boot, however this does not seem to be the case from looking at the code). Just restart pfctl by issuing sudo pfctl -d to disable it first and then sudo pfctl -fe /etc/pf.conf to start it again. Load anchor "pow" from "/etc/pf.anchors/redirection" #added for redirection/port forwardingĪnd that's almost it. Load anchor "com.apple" from "/etc/pf.anchors/com.apple" Rdr-anchor "redirection" #added for redirection/port forwarding Ultimately, this is what the pf.conf file should look like: scrub-anchor "com.apple/*" Open the pf.conf file with sudo and add rdr-anchor "redirection" after the last rdr-anchor line (which is rdr-anchor "com.apple/*") and add load anchor "redirection" from "/etc/pf.anchors/redirection" at the end. Once the new anchor file has been created, it needs to be referenced within the pf.conf file. This is basically a regular text file and contains the following line (just like in the answer of Kevin Leary): rdr pass on lo0 inet proto tcp from any to 192.168.99.100 port = 80 -> 127.0.0.1 port 8000. Adding an alias to ifconfig isn't really necessary, pfctl alone is sufficient: to achieve this the pf.conf file at /etc/pf.conf needs to be modified.įirst we create (with sudo) a new anchor file (let's call it redirection) at: /etc/pf.anchors/redirection. This answer is largely based on the approach mentioned at this gist.Īs OP mentions, pointing a browser at 192.168.99.100 should get a response from a server at localhost:8000. So I had to make something better (cleaner) and decided to share it here for posterity. Unfortunately, the answer of Nafe uses ipfw which is now deprecated and unavailable in OSX and the answer of Kevin Leary is indeed a bit hackish. I too had to do a similar thing recently, and in searching came upon this answer.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |