PF Redirect all local outbound traffic

I've been searching high and low for days and I'm 100% stuck with PF. Essentially I want to take all of my local, outbound HTTP(S) traffic and redirect it to a local proxy on 127.0.0.1:7777. I've tried every rdr, rdr-to, nat-to, nat on combo I came across and none of them seem to work. Could someone please point me in the right direction on how to do this? What would the rules look like in my pf.conf/anchor file?
 
PF cannot redirect traffic that originates from the host itself because the routing decision for the traffic has already been made by the time it gets to the filter. It's a FreeBSD-specific limitation that does not exist on OpenBSD's PF, for example.
 
Do you know of another way to redirect all my local outbound HTTP traffic?
 
Where does the traffic come from? Do you have to enforce this, or do you just want it?

In your browser you could set the proxy manually. In your shell you can use the variable http_proxy by setenv http_proxy 127.0.0.1:7777.

Regards,

Markus
 
Traffic will mainly be the browser but ideally this should work with all HTTP requests. I can get the http_proxy to work with no problem, but my next issue is that this is an ad hoc network. I'm no network/system admin but from what I can tell ad hoc networks use mDNS, so the DNS lookup is skipped which leaves all HTTP requests to return 'host unknown'. Is there a relatively easy way to do this when under an ad hoc network?
 
I haven't used it myself but have a look at dns/nss_mdns.
 
Just to clarify it a little bit: by saying local traffic you mean traffic originating from localhost, not traffic going through your host from the ad hoc local network, right?
 
From Firefox you can also force the DNS requests to go through the remote proxy. You have to set this manually by typing about:config and setting network.proxy.socks_remote_dns to true.
 