Redirection of pfctl on OSX gets error

Question

I want all my traffics are redirected to SOCKS proxy on 127.0.0.1:1080. I added the rule below to the end of /etc/pf.conf according to this tutorial:

pass on en3 proto tcp from any to any rdr-to 127.0.0.1 port 1080

When I load this configuration file, error is reported:

pfctl: Syntax error in config file: pf rules not loaded

My operating system is OSX 10.11 El captain. Where am I wrong?

pass on en3 proto tcp from any to any rdr-to 127.0.0.1 **prot** 1080, should be **port** — Alex, Nov 23 '15 at 13:33

score 1 · Answer 1 · answered Sep 03 '19 at 14:58

My operating system is OSX 10.11 El captain. Where am I wrong?

— In expectance that this syntax should work.

Pf's version ported to MacOS from its first emerging till to Mojave (including) is kept frozen, Apple®'s doesn't update it. Still man pf.conf has proper examples of rdr rules.

Alex · Answer 2 · 2015-11-23T13:52:52.820

0

You are missing the direction of the packet in your rule, it should be in or out.

pass in on en3 proto tcp from any to any rdr-to 127.0.0.1 port 1080

or

pass out on en3 proto tcp from any to any rdr-to 127.0.0.1 port 1080

Also, I'm not sure the OSX implementation of PF supports rdr-to.

I never used it but according to the man page, it might look more like this:

rdr on en3 proto tcp from any to any -> 127.0.0.1 port 1080

edited Nov 23 '15 at 13:52

answered Nov 23 '15 at 13:48

Alex

3,129
21
28

1

After I add in/out direction of the packet, syntax error is still reported. – Douglas Su Nov 23 '15 at 13:51

Redirection of pfctl on OSX gets error

2 Answers2