{"id":822,"date":"2008-05-27T01:05:50","date_gmt":"2008-05-27T06:05:50","guid":{"rendered":"http:\/\/www.bytebot.net\/blog\/?p=822"},"modified":"2008-05-27T01:05:50","modified_gmt":"2008-05-27T06:05:50","slug":"secure-travelling-with-ipfw-on-os-x","status":"publish","type":"post","link":"http:\/\/www.bytebot.net\/blog\/archives\/2008\/05\/27\/secure-travelling-with-ipfw-on-os-x","title":{"rendered":"Secure travelling with ipfw on OS X?"},"content":{"rendered":"<p>Dear (mac\/bsd) Lazyweb,<\/p>\n<p>Any idea how I can do the following, on Mac OS X?<\/p>\n<p><tt>iptables -t nat -A PREROUTING -p tcp -d my.pop.server \u2014dport 110 -j DNAT \u2014to-destination 127.0.0.1:1235<br \/>\niptables -t nat -A OUTPUT -p tcp -d my.pop.server \u2014dport 110 -j DNAT \u2014to-destination 127.0.0.1:1235<\/tt><\/p>\n<p>Does <tt>ipfw(8)<\/tt> work in OS X? What magic will I have to use for this to work? All I really want is for my.pop.server:110 to point to localhost:1235, so if the SSH tunnel isn&#8217;t up, I can&#8217;t POP my mail. I wrote about this in <a href=\"http:\/\/www.bytebot.net\/blog\/archives\/2007\/12\/06\/secure-travelling-tips-with-iptables-and-ssh-port-forwarding\">Secure travelling tips with iptables and SSH port forwarding<\/a>, as that&#8217;s what I do on Linux.<\/p>\n<p>Why do I ask? I&#8217;m thinking that my personal laptop (currently a Dell Inspiron 640m running Linux) might actually be replaced with a MacBook Air in the near future (lighter, easier to carry, etc.). Oh, if you have comments about the Air, don&#8217;t hesitate to tell them to me as well.<\/p>\n<div class=\"sharedaddy sd-sharing-enabled\"><div class=\"robots-nocontent sd-block sd-social sd-social-icon-text sd-sharing\"><h3 class=\"sd-title\">Share this:<\/h3><div class=\"sd-content\"><ul><li class=\"share-email\"><a rel=\"nofollow noopener noreferrer\" data-shared=\"\" class=\"share-email sd-button share-icon\" href=\"mailto:?subject=%5BShared%20Post%5D%20Secure%20travelling%20with%20ipfw%20on%20OS%20X%3F&body=http%3A%2F%2Fwww.bytebot.net%2Fblog%2Farchives%2F2008%2F05%2F27%2Fsecure-travelling-with-ipfw-on-os-x&share=email\" target=\"_blank\" title=\"Click to email a link to a friend\" data-email-share-error-title=\"Do you have email set up?\" data-email-share-error-text=\"If you&#039;re having problems sharing via email, you might not have email set up for your browser. You may need to create a new email yourself.\" data-email-share-nonce=\"d6f270e24a\" data-email-share-track-url=\"http:\/\/www.bytebot.net\/blog\/archives\/2008\/05\/27\/secure-travelling-with-ipfw-on-os-x?share=email\"><span>Email<\/span><\/a><\/li><li class=\"share-facebook\"><a rel=\"nofollow noopener noreferrer\" data-shared=\"sharing-facebook-822\" class=\"share-facebook sd-button share-icon\" href=\"http:\/\/www.bytebot.net\/blog\/archives\/2008\/05\/27\/secure-travelling-with-ipfw-on-os-x?share=facebook\" target=\"_blank\" title=\"Click to share on Facebook\" ><span>Facebook<\/span><\/a><\/li><li class=\"share-linkedin\"><a rel=\"nofollow noopener noreferrer\" data-shared=\"sharing-linkedin-822\" class=\"share-linkedin sd-button share-icon\" href=\"http:\/\/www.bytebot.net\/blog\/archives\/2008\/05\/27\/secure-travelling-with-ipfw-on-os-x?share=linkedin\" target=\"_blank\" title=\"Click to share on LinkedIn\" ><span>LinkedIn<\/span><\/a><\/li><li class=\"share-twitter\"><a rel=\"nofollow noopener noreferrer\" data-shared=\"sharing-twitter-822\" class=\"share-twitter sd-button share-icon\" href=\"http:\/\/www.bytebot.net\/blog\/archives\/2008\/05\/27\/secure-travelling-with-ipfw-on-os-x?share=twitter\" target=\"_blank\" title=\"Click to share on Twitter\" ><span>Twitter<\/span><\/a><\/li><li class=\"share-end\"><\/li><\/ul><\/div><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>Dear (mac\/bsd) Lazyweb, Any idea how I can do the following, on Mac OS X? iptables -t nat -A PREROUTING -p tcp -d my.pop.server \u2014dport 110 -j DNAT \u2014to-destination 127.0.0.1:1235 iptables -t nat -A OUTPUT -p tcp -d my.pop.server \u2014dport 110 -j DNAT \u2014to-destination 127.0.0.1:1235 Does ipfw(8) work in OS X? What magic will I [&hellip;]<\/p>\n<div class=\"sharedaddy sd-sharing-enabled\"><div class=\"robots-nocontent sd-block sd-social sd-social-icon-text sd-sharing\"><h3 class=\"sd-title\">Share this:<\/h3><div class=\"sd-content\"><ul><li class=\"share-email\"><a rel=\"nofollow noopener noreferrer\" data-shared=\"\" class=\"share-email sd-button share-icon\" href=\"mailto:?subject=%5BShared%20Post%5D%20Secure%20travelling%20with%20ipfw%20on%20OS%20X%3F&body=http%3A%2F%2Fwww.bytebot.net%2Fblog%2Farchives%2F2008%2F05%2F27%2Fsecure-travelling-with-ipfw-on-os-x&share=email\" target=\"_blank\" title=\"Click to email a link to a friend\" data-email-share-error-title=\"Do you have email set up?\" data-email-share-error-text=\"If you&#039;re having problems sharing via email, you might not have email set up for your browser. You may need to create a new email yourself.\" data-email-share-nonce=\"d6f270e24a\" data-email-share-track-url=\"http:\/\/www.bytebot.net\/blog\/archives\/2008\/05\/27\/secure-travelling-with-ipfw-on-os-x?share=email\"><span>Email<\/span><\/a><\/li><li class=\"share-facebook\"><a rel=\"nofollow noopener noreferrer\" data-shared=\"sharing-facebook-822\" class=\"share-facebook sd-button share-icon\" href=\"http:\/\/www.bytebot.net\/blog\/archives\/2008\/05\/27\/secure-travelling-with-ipfw-on-os-x?share=facebook\" target=\"_blank\" title=\"Click to share on Facebook\" ><span>Facebook<\/span><\/a><\/li><li class=\"share-linkedin\"><a rel=\"nofollow noopener noreferrer\" data-shared=\"sharing-linkedin-822\" class=\"share-linkedin sd-button share-icon\" href=\"http:\/\/www.bytebot.net\/blog\/archives\/2008\/05\/27\/secure-travelling-with-ipfw-on-os-x?share=linkedin\" target=\"_blank\" title=\"Click to share on LinkedIn\" ><span>LinkedIn<\/span><\/a><\/li><li class=\"share-twitter\"><a rel=\"nofollow noopener noreferrer\" data-shared=\"sharing-twitter-822\" class=\"share-twitter sd-button share-icon\" href=\"http:\/\/www.bytebot.net\/blog\/archives\/2008\/05\/27\/secure-travelling-with-ipfw-on-os-x?share=twitter\" target=\"_blank\" title=\"Click to share on Twitter\" ><span>Twitter<\/span><\/a><\/li><li class=\"share-end\"><\/li><\/ul><\/div><\/div><\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true,"jetpack_social_options":[]},"categories":[1],"tags":[147,17,145,144,148,5,68,146],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p4vJD-dg","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":678,"url":"http:\/\/www.bytebot.net\/blog\/archives\/2007\/12\/06\/secure-travelling-tips-with-iptables-and-ssh-port-forwarding","url_meta":{"origin":822,"position":0},"title":"Secure travelling tips with iptables and SSH port forwarding","date":"6\/12\/2007","format":false,"excerpt":"The general paranoia at conferences is such that there almost always is WiFi, and there almost always is someone wanting to snoop your traffic. I guess, in a similar vein, this could also happen at Starbucks. So, on day 1, at foss.in I tried to recollect what I used to\u2026","rel":"","context":"In &quot;General&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3315,"url":"http:\/\/www.bytebot.net\/blog\/archives\/2017\/03\/03\/upgrade-notes-on-macos-sierra","url_meta":{"origin":822,"position":1},"title":"Upgrade notes on macOS Sierra","date":"3\/3\/2017","format":false,"excerpt":"I'm notorious for not updating OS X (macOS) too quickly, preferring to wait months on end for Apple to iron out bugs. I just hope that in 2017 they don't make a major release and something sensible, i.e. that fixes usability and makes the OS much more stable. However when\u2026","rel":"","context":"In &quot;Distributions&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":441,"url":"http:\/\/www.bytebot.net\/blog\/archives\/2006\/11\/14\/linux-performance-server-security-related-book-reviews","url_meta":{"origin":822,"position":2},"title":"Linux (performance, server, security) related book reviews","date":"14\/11\/2006","format":false,"excerpt":"I took a vacation recently, which involved heading down to Hobart, for some rest & relaxation. And lots of food (read: oysters, seafood, yum!). I packed my suitcase with some books for some late night reading, and am pleased to provide some form of review. Linux Server Hacks by Rob\u2026","rel":"","context":"In &quot;General&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":848,"url":"http:\/\/www.bytebot.net\/blog\/archives\/2008\/06\/25\/migrating-firefoxthunderbird-from-linux-to-os-x","url_meta":{"origin":822,"position":3},"title":"Migrating Firefox\/Thunderbird from Linux to OS X","date":"25\/6\/2008","format":false,"excerpt":"Today, I completed my migration of my personal machine to one that runs OS X. For those not following Twitter, I picked up a MacBook Air last week, and have slowly been moving my stuff off from the Dell. The Dell can now serve as a full development machine, and\u2026","rel":"","context":"In &quot;General&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3362,"url":"http:\/\/www.bytebot.net\/blog\/archives\/2017\/06\/05\/the-touch-bar-can-wow-you-over","url_meta":{"origin":822,"position":4},"title":"The Touch Bar can wow you over!","date":"5\/6\/2017","format":false,"excerpt":"In the tech space, sometimes people can be notorious for bemoaning new technology. Case in point? The Touch Bar on the new retina MacBook Pro's. I've been using a 15\" retina MacBook Pro with Touch Bar for about six months now. I am a vim user when I SSH to\u2026","rel":"","context":"In &quot;Tech&quot;","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.bytebot.net\/blog\/wp-content\/uploads\/2017\/06\/IMG_5859-300x225.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":3472,"url":"http:\/\/www.bytebot.net\/blog\/archives\/2019\/02\/16\/state-of-the-mac-early-2019","url_meta":{"origin":822,"position":5},"title":"State of the Mac early 2019","date":"16\/2\/2019","format":false,"excerpt":"I landed in London sometime in January 2019, and made an appointment at the Regent Street Apple Store the same morning for that afternoon at 1pm. This is apparently a very rare thing, because Apple Store appointments are usually full up weeks in advance. The reason was simple: my 2016\u2026","rel":"","context":"In &quot;Tech&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"amp_enabled":true,"_links":{"self":[{"href":"http:\/\/www.bytebot.net\/blog\/wp-json\/wp\/v2\/posts\/822"}],"collection":[{"href":"http:\/\/www.bytebot.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.bytebot.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.bytebot.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.bytebot.net\/blog\/wp-json\/wp\/v2\/comments?post=822"}],"version-history":[{"count":0,"href":"http:\/\/www.bytebot.net\/blog\/wp-json\/wp\/v2\/posts\/822\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.bytebot.net\/blog\/wp-json\/wp\/v2\/media?parent=822"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.bytebot.net\/blog\/wp-json\/wp\/v2\/categories?post=822"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.bytebot.net\/blog\/wp-json\/wp\/v2\/tags?post=822"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}