OS X/macOS ships a packet filter called pf (inherited from OpenBSD), which fills the role that iptables plays on Linux.

Configuration

The main configuration file is /etc/pf.conf.

To get started, look at the stock /etc/pf.conf that configures pf:

scrub-anchor "com.apple/*"

nat-anchor "com.apple/*"

rdr-anchor "com.apple/*"

dummynet-anchor "com.apple/*"

anchor "com.apple/*"

load anchor "com.apple" from "/etc/pf.anchors/com.apple"

Here you can see that pf is configured with a number of anchors. An anchor is a named sub-ruleset, a collection of rules and tables that the main ruleset evaluates at the point where the anchor line appears. The rules themselves are not in pf.conf: the last line loads them from /etc/pf.anchors/com.apple. The scrub-, nat-, rdr- and dummynet-anchor lines do the same for the corresponding rule types.

When you make changes to pf.conf, check that the ruleset parses before loading it. -n parses without loading anything into the kernel, and -v prints the rules as pfctl understood them:

sudo pfctl -v -n -f /etc/pf.conf

To load the ruleset and turn pf on:

sudo pfctl -e -f /etc/pf.conf

If the ruleset loads, pfctl prints pf enabled. Check the live state with sudo pfctl -s info (the Status line) and sudo pfctl -s rules; sudo pfctl -d disables pf again. When pf is already enabled, -e exits with pf already enabled, so to reload a changed ruleset use sudo pfctl -f /etc/pf.conf on its own.

You can also change tables on the fly without reloading the ruleset. For example, to add 127.0.0.0/24 to a table called localsub: sudo pfctl -t localsub -T add 127.0.0.0/24 (pfctl creates the table if it does not exist yet; sudo pfctl -t localsub -T show lists its contents). Entries added this way are not written to pf.conf, so anything that should come back after a reload belongs in the ruleset, for example table <localsub> persist { 127.0.0.0/24 }.

Once the configuration is known good, add -q (quiet mode) so pfctl prints only errors, which is what you want from a script: sudo pfctl -q -f /etc/pf.conf. It changes the output, not the speed of loading.
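The steps above (write rules, check them with -n, load and enable, add table entries on the fly) as one script, added here as an example; it is not code from the page, from Apple or from the referenced cheat sheet. It keeps the custom rules in their own anchor rather than editing com.apple, which OS updates overwrite. The anchor name org.example.local, the interface en0, the admin address 192.0.2.10 and the rules in the heredoc are assumptions constructed for the example; pfctl itself is only invoked where it is installed, and apply/add need root.

```shell
#!/bin/sh
# Added example, not from the page or from Apple: a custom pf anchor for macOS.
# Assumptions: anchor name org.example.local, interface en0, admin host
# 192.0.2.10. Rules live in their own anchor file instead of the com.apple
# anchor, which OS updates overwrite.
set -eu

ANCHOR="org.example.local"                              # assumed anchor name
ANCHOR_FILE="${ANCHOR_FILE:-/etc/pf.anchors/$ANCHOR}"   # macOS anchor directory
PF_CONF="${PF_CONF:-/etc/pf.conf}"

# write_anchor FILE: write the anchor ruleset (constructed for this example).
# Default-deny inbound on en0, stateful outbound, SSH only from <admins>.
# 'persist' keeps the tables even while no loaded rule references them.
write_anchor() {
    cat > "$1" <<'EOF'
# org.example.local anchor (assumed name); loaded from /etc/pf.conf
table <localsub> persist { 127.0.0.0/24 }
table <admins> persist { 192.0.2.10 }
block drop in log on en0 all
pass out on en0 all keep state
pass in quick on en0 proto tcp from <admins> to any port 22 flags S/SA keep state
EOF
}

# pfconf_lines NAME FILE: the two lines /etc/pf.conf needs so the main ruleset
# evaluates the anchor and loads its rules from FILE.
pfconf_lines() {
    printf 'anchor "%s"\n' "$1"
    printf 'load anchor "%s" from "%s"\n' "$1" "$2"
}

# pf_check FILE: parse the anchor file in the anchor's namespace; -n never
# touches the kernel, -v prints the rules as pfctl understood them.
pf_check() {
    pfctl -n -v -a "$ANCHOR" -f "$1"
}

# pf_apply: check, then load /etc/pf.conf and enable pf only if it is not
# already on (pfctl -e exits non-zero with "pf already enabled"). Needs root.
pf_apply() {
    pfctl -n -f "$PF_CONF"
    pfctl -f "$PF_CONF"
    pfctl -s info | grep -q '^Status: Enabled' || pfctl -e
}

# pf_table_add ADDR: add an address to <localsub> on the fly. The table lives
# inside the anchor, so -a is required; without it pfctl would create a
# separate top-level table of the same name that no rule references.
pf_table_add() {
    pfctl -a "$ANCHOR" -t localsub -T add "$1"
    pfctl -a "$ANCHOR" -t localsub -T show
}

# pf_status: what the kernel actually holds, as opposed to what is on disk.
pf_status() {
    pfctl -s info | grep '^Status:'
    pfctl -a "$ANCHOR" -s rules
}

case "${1:-check}" in
    check)   # safe default: write to a scratch file and parse it
        tmp=$(mktemp)
        write_anchor "$tmp"
        echo "Lines to append to $PF_CONF:"
        pfconf_lines "$ANCHOR" "$ANCHOR_FILE"
        if command -v pfctl >/dev/null 2>&1; then pf_check "$tmp"; fi
        rm -f "$tmp" ;;
    apply)   # install the anchor, hook it into pf.conf once, load, enable
        write_anchor "$ANCHOR_FILE"
        grep -qF "load anchor \"$ANCHOR\"" "$PF_CONF" ||
            pfconf_lines "$ANCHOR" "$ANCHOR_FILE" >> "$PF_CONF"
        pf_apply
        pf_status ;;
    add)     # e.g. sudo ./pf_anchor.sh add 203.0.113.7
        pf_table_add "${2:?address}" ;;
esac
```

Run it with no arguments first: it writes the anchor to a scratch file and parses it with pfctl -n, so a typo shows up before anything reaches the kernel. apply writes the anchor file, appends the two anchor lines to pf.conf only if they are not there yet, loads and enables. Note the -a on every table command: a table declared inside an anchor is addressed through that anchor, and the bare form from the text would create a second, unreferenced localsub at top level.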

The reference site below covers pfctl in more detail.


References:

  • http://krypted.com/mac-security/a-cheat-sheet-for-using-pf-in-os-x-lion-and-up/