pfctl port forwarding in Mac OS X?

# iptables-restore fragment for the nat table: redirect the LAN's HTTP/HTTPS
# to the local proxy on 8080 and masquerade the rest out of eth0
*nat
-A PREROUTING -s 10.0.10.0/24 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -s 10.0.10.0/24 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8080
-A POSTROUTING -s 10.0.10.0/24 -o eth0 -j MASQUERADE
COMMIT

The above is the code I've used to forward traffic in Linux.

Now I need to do the same thing in Mac OS X, 10.8 if it matters.

So, here is the deal.

Before, I was using a proxy to connect to the Linux machine, and using that proxy I was able to monitor traffic with mitmproxy.

Now, on the Mac, I'm using the built-in Internet Sharing and want to use mitmproxy, which only listens on port 8080.

bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether ac:de:48:81:1d:4a 
    inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255
    Configuration:
        priority 0 hellotime 0 fwddelay 0 maxage 0
        ipfilter disabled flags 0x2
    member: en0 flags=3<LEARNING,DISCOVER>
             port 5 priority 0 path cost 0

The above is the "shared connection" that I need to forward, I believe.


Solution 1:

Assuming all your web traffic requests will come from 192.168.2.0/24 on interface bridge0:

Add the following rules to /etc/pf.conf:

rdr pass on bridge0 inet proto tcp from 192.168.2.0/24 to any port http -> 127.0.0.1 port 8080
rdr pass on bridge0 inet proto tcp from 192.168.2.0/24 to any port https -> 127.0.0.1 port 8080

Quick Tips

  1. Test pf.conf for syntax errors

    pfctl -v -n -f /etc/pf.conf
    
  2. Apply/Reload the rules

    pfctl -f /etc/pf.conf
    

This is a cheat-sheet for OS X pfctl.
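The same two rdr rules from Solution 1, as an added example that is not part of the original thread: a small script that generates the rules for the shared interface, syntax-checks them with `pfctl -n`, and loads them into a pf anchor instead of editing /etc/pf.conf (which Internet Sharing manages and can rewrite). Interface bridge0, subnet 192.168.2.0/24 and port 8080 come from the question; the anchor name `com.apple/mitm`, the rules file path and the `apply` argument are assumptions of this example. If you do append the rules to /etc/pf.conf as the answer suggests, put them before the `anchor "com.apple/*"` line: pf requires translation rules to precede filter rules, and the `pfctl -n` check reports the mistake as "Rules must be in order".

```shell
#!/bin/sh
# Added example, not code from the thread: generate the mitmproxy redirect rules,
# syntax-check them, and load them into a pf anchor so /etc/pf.conf stays untouched.
# Interface, subnet and port come from the thread; the anchor name and the rules
# file path are assumptions.
set -eu

LAN_IF="${LAN_IF:-bridge0}"             # interface Internet Sharing created
LAN_NET="${LAN_NET:-192.168.2.0/24}"    # clients behind the shared connection
PROXY_PORT="${PROXY_PORT:-8080}"        # mitmproxy's transparent listener
RULES_FILE="${RULES_FILE:-/etc/pf.anchors/mitm}"   # assumed path
ANCHOR="${ANCHOR:-com.apple/mitm}"      # sub-anchor of the stock rdr-anchor "com.apple/*"

# Print the translation rules for one interface/subnet/port triple, one per line,
# matching the two rules in Solution 1 (http and https).
gen_rules() {
    _if=$1; _net=$2; _port=$3
    for _svc in http https; do
        printf 'rdr pass on %s inet proto tcp from %s to any port %s -> 127.0.0.1 port %s\n' \
            "$_if" "$_net" "$_svc" "$_port"
    done
}

# Number of rdr rules in a ruleset text; 0 means the file would redirect nothing.
count_rdr() {
    printf '%s\n' "$1" | grep -c '^rdr ' || true
}

# Parse only (-n): pfctl reports syntax and ordering errors without loading anything.
check_rules() {
    pfctl -n -f "$1"
}

# Load the rules into the anchor and make sure pf is enabled. The anchor is
# evaluated because the stock /etc/pf.conf already carries rdr-anchor "com.apple/*".
load_rules() {
    pfctl -a "$ANCHOR" -f "$1"
    pfctl -e 2>/dev/null || true   # -e fails harmlessly if pf is already enabled
}

# Show what the kernel actually holds, so a missing redirect is easy to spot.
show_rules() {
    pfctl -a "$ANCHOR" -s nat
}

# Only touch the system when invoked as: sudo sh mitm-pf.sh apply
if [ "${1:-}" = "apply" ]; then
    gen_rules "$LAN_IF" "$LAN_NET" "$PROXY_PORT" > "$RULES_FILE"
    check_rules "$RULES_FILE"
    load_rules "$RULES_FILE"
    show_rules
fi
```

Redirecting to 127.0.0.1 only helps if mitmproxy is started in transparent mode (`-T` on the 0.x releases contemporary with 10.8, `--mode transparent` on current ones); with Internet Sharing on, IP forwarding is already enabled, so clients on 192.168.2.0/24 need no configuration. To undo the redirect, flush just the anchor with `pfctl -a com.apple/mitm -F all`, which leaves Apple's own rules alone.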