Edit outgoing IP packets

macos software-recommendation network catalina

You can do one of two things:

(a) Configure macOS's native packet filter, PF, to forward packets to a "divert socket" (akin to a Unix socket on Linux; see divert(4)). An application running in userspace can then listen on this divert socket and inspect packets, followed by dropping them or handing them back to the kernel (with or without modification) for sendoff. See this blog post for an example config, and pfctl(8), pf.conf(5), and the PF User's Guide for comprehensive info on PF's capabilities and how to configure it.

(b) Deploy a kernel extension which uses the native IP filter interface, IPF (akin to Linux's Netfilter), to inspect, modify, and drop packets. See Jonathan Levin's Mac OS X and iOS Internals for details; the 1st edition describes this interface in §17.7.4 IP Filters (page 698).

I don't know of any general-purpose daemons that work on principle (a) or kexts that use principle (b) that allow you to write config files that specify rules for modifying and dropping packets in transit, so it seems like you'd need to write your own daemon or kext for your specific use case.

Related

MacBook Pro 15" 2017 runs hot while sleeping & closed lit
How do I find out which touchpad driver is being used?
What is the constant function, exactly?
Weyl's theorem over non-algebraically closed fields
If $\lim_{x \to \infty}f(x)=\lim_{x \to \infty}g(x)=0$, and $\lim_{x \to \infty}\frac{f'(x)}{g'(x)}=l$, then $\lim_{x \to \infty}\frac{f(x)}{g(x)}=l$
Prove if $x$ orthogonal to null space of $A$, $A^TAx = 0$ only when $x = 0$
Prove that the intersection have infinite elements
Complement of the $3$-dimensional Cube $\overline {Q_3}$ is nonplanar
Find the sum of all natural numbers less than and coprime to $N=25200$
Polya's urn as a counterexample for the Kolmogorov 0-1 law
Applying Burnside's Lemma to a Permutational Problem.
Which of the following statements are definitely correct?