OS X 10.8: redirecting locally initiated ssh connections to localhost:22

nat routing ipfw apple pf

Solution 1:

You can do it with PF as well. However, rdr only accepts incoming packets. Thus, you have to first route those packets to lo0, then add a rdr-rule there (which will catch them as they will be routed in from "somewhere") to send them to your local SSH-server.

The order is necessarily: rdr stuff, then filter stuff (like pass), but chronologically the 2nd rule will hit first (on $Out), which will then activate the first rule (on lo0).

# Output interface
Out = en0

# A macro to shorten rules below
Packets = "proto tcp from" $Out "to any port 22"

# Rule 1: Redirect those connections _after_ they were routed to lo0 below
rdr pass log on lo0 $Packets -> 127.0.0.1

# Rule 2: Route _first_ new IPv4 TCP connections leaving $Out to lo0
pass out on $Out route-to lo0 inet $Packets

Related

How can I run a process as "NT Authority\NetworkService"?
Defining a persistent static route on Mac OS X
Incrond running but not executing commands CentOS 6.4
Configure proper DNS records for separate web host and e-mail server
SMTP-AUTH required for local domains?
Basic auth only if a certain header is present in the request?
ssh fails to execute remote command when run from cron bash script - works from CLI
Postifx header_checks not working
Unable to mount windows share in ubuntu
Copying files between linux machines with strong authentication without encryption
How to switch proxy settings via script?
How do you monitor your HP hardware while running virtual servers?