pf error - "No ALTQ support in the kernel"... What does this mean?

Solution 1:

You need to enable Firewall:
System Preferences -> Security & Privacy -> Firewall -> Turn On Firewall
(Under the hood it doing sudo pfctl -E)

if you would try after that : sudo pfctl -s info it shouldn't blame about ALTQ

Solution 2:

I believe you have mistaken the output of your command:

sudo pfctl -s rules

The ouput lists a warning:

No ALTQ support in kernel

With further information regarding that warning:

ALTQ related functions disabled

It then goes on to list the active rules as requested:

scrub-anchor "com.apple/*" all fragment reassemble
anchor "com.apple/*" all

You can find some further information, including the meaning of the output above, here:

https://krypted.com/mac-security/a-cheat-sheet-for-using-pf-in-os-x-lion-and-up/

I use Little Snitch on macOS, which as I remember, but could be wrong, uses pf for the backend.

ALTQ is used for traffic shaping. Here is information on traffic shaping (and ALTQ) for the pfSense open source project. pfSense, as its name suggests, utilizes pf and is based on FreeBSD, which macOS is also (to an extent). I only give it to provide to information about ALTQ (and what pf is capable of in relation).

https://docs.netgate.com/pfsense/en/latest/book/trafficshaper/index.html

I would venture to comment that ALTQ traffic shaping might be better served at an edge firewall/router than on a workstation, and no great loss that it is not enabled on macOS (as Apple has abandoned it as a meaningful server operating system and focused on consumer desktop application usage). YMMV.