6

I am trying to set up a proxy on OSX to intercept traffic. I found that the native way to do it is using pfctl and using a transparent proxy tool like mitmproxy or Burp Suite. Mitmproxy has a chapter in their docs about how to set up the Mac with pfctl and for Burp Suite you can find this instruction. However, none of these are showing traffic in mitmproxy or burp.

My /etc/pf.conf

scrub-anchor "com.apple/*"
nat-anchor "com.apple/*"
rdr-anchor "com.apple/*"
rdr-anchor "forwarding"
dummynet-anchor "com.apple/*"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"
load anchor "forwarding" from "/etc/pf.anchors/forwarding"

and my /etc/pf.anchors/forwarding (en0 is my working wifi adapter)

rdr log (all) on en0 inet proto tcp to any port 80 -> 127.0.0.1 port 8080
rdr log (all) on en0 inet proto tcp to any port 443 -> 127.0.0.1 port 8080

I am also setting 

▶ sudo sysctl -w net.inet.ip.forwarding=1
▶ sudo sysctl -w net.inet6.ip6.forwarding=1

and these commands work without throwing an error

▶ sudo pfctl -vnf /etc/pf.conf
▶ sudo pfctl -evf /etc/pf.conf

Here is another related question, but as I am on Sierra, the answer does not apply to me.

Community
  • 1
  • 1
Robbsen
  • 143
  • 1
  • 9
  • 1
    Did you ever find a solution to this? I've run into a similar issue on MacOS Mojave (10.14) - I'm trying to port forward SSH traffic from my ethernet adapter to a networked machine on a different adapter. echo "rdr pass inet proto { tcp, udp } from any to any port 2222 -> 192.168.1.64 port 22" | sudo pfctl -ef - Can't seem to get any traffic through either! – Hobsie Nov 13 '18 at 16:56
  • 1
    Oof, sorry I don't remember at all.. – Robbsen Nov 14 '18 at 17:08

0 Answers0