pf error - "No ALTQ support in the kernel"... What does this mean?
Solution 1:
You need to enable Firewall:
System Preferences -> Security & Privacy -> Firewall -> Turn On Firewall
(Under the hood it doing sudo pfctl -E
)
if you would try after that : sudo pfctl -s info
it shouldn't blame about ALTQ
Solution 2:
I believe you have mistaken the output of your command:
sudo pfctl -s rules
The ouput lists a warning:
No ALTQ support in kernel
With further information regarding that warning:
ALTQ related functions disabled
It then goes on to list the active rules as requested:
scrub-anchor "com.apple/*" all fragment reassemble
anchor "com.apple/*" all
You can find some further information, including the meaning of the output above, here:
https://krypted.com/mac-security/a-cheat-sheet-for-using-pf-in-os-x-lion-and-up/
I use Little Snitch on macOS, which as I remember, but could be wrong, uses pf
for the backend.
ALTQ is used for traffic shaping. Here is information on traffic shaping (and ALTQ) for the pfSense open source project. pfSense, as its name suggests, utilizes pf
and is based on FreeBSD, which macOS is also (to an extent). I only give it to provide to information about ALTQ (and what pf
is capable of in relation).
https://docs.netgate.com/pfsense/en/latest/book/trafficshaper/index.html
I would venture to comment that ALTQ traffic shaping might be better served at an edge firewall/router than on a workstation, and no great loss that it is not enabled on macOS (as Apple has abandoned it as a meaningful server operating system and focused on consumer desktop application usage). YMMV.