How to permanently redirect port 80 to 8080 on OS X?

Question

On OS X 10.6 you do not have iptables, so what is the full solution for this permanently redirect all request sent to port 80 to another port, like 8080?

It has to be persistent.

I wanted to suggest `rinetd` because it is so simple I thought it would compile anywhere, but there does not seem to be a port to OS X, unfortunately... — Nicolas Raoul, Sep 22 '10 at 11:55
I can't post this as an answer because this question is protected, but I've had great success using the built in Apache server to redirect to another port. Add the following to the end of /etc/apache2/httpd.conf: `\nProxyPass http://localhost:8080/\n` (where `\n` is a newline), and then enable "Internet Sharing" in System Preferences. — Tobias, Jul 03 '12 at 01:44

score 12 · Answer 1 · answered Sep 22 '10 at 13:20

12

Use ipfw(read http://discussions.info.apple.com/message.jspa?messageID=10945451 http://discussions.apple.com/thread.jspa?messageID=10996939&#10996939)

ipfw add NUMBER fwd 127.0.0.1,8080 tcp from any to me 80

or http://www.hanynet.com/waterroof/

answered Sep 22 '10 at 13:20

bindbn

5,153
2
26
23

Thank but is missing something, this change is not persistent. – sorin Sep 22 '10 at 14:29
okay ,... place your plist in Launch agents not launch Daemon. amazing it worked for me. – Dec 31 '11 at 01:23
1

'NUMBER' is some sort of position in ipfw and should be replaced with an actual number – Drew Feb 16 '12 at 17:10

score 10 · Accepted Answer · answered Feb 14 '11 at 02:00

10

Use ipfw as in @bindbn's answer. That's the general idea.

Persistence:

put your rules into a file :

/etc/ipfw.conf

add at the very top of your file

flush

Ensure that there are not leading or trailing whitespaces in any line.

add to /Library/LaunchDaemons/com.yourdomain.ipfw.plist :

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>Label</key>
    <string>com.yourdomain.ipfw</string>
    <key>Program</key>
    <string>/sbin/ipfw</string>
    <key>ProgramArguments</key>
    <array>
      <string>/sbin/ipfw</string>
      <string>-q</string>
      <string>/etc/ipfw.conf</string>
    </array>
    <key>RunAtLoad</key>
    <true/>
  </dict>
</plist>

Either reboot, or

launchctl load -w /Library/LaunchDaemons/com.yourdomain.ipfw.plist

the first time.

After that it is

launchctl load com.yourdomain.ipfw

answered Feb 14 '11 at 02:00

chiggsy

1,576
1
15
20

1

Chinggsy, I tried your method and everything runs but once it does I get an error in the console. 3/30/11 4:07:01 PM com.apple.ipfw[342] Line 1: socket: Operation not permitted The permissions on both files are set to root as the owner and the issue persists. What am I missing? peace – concertman Mar 30 '11 at 21:15
This article fixed that for me: http://apple.stackexchange.com/questions/3250/why-am-i-getting-a-dubious-ownership-of-file-error-when-launch-agent-runs-my – Mattijs Jul 31 '13 at 10:55
1

Actually, this answer didn't work for some reason. This article did however: http://blog.scottlowe.org/2012/04/05/setting-up-ipfw-on-mac-os-x/ – Mattijs Jul 31 '13 at 11:22
In OS X Yosemite `ipfw` has been removed. An alternative solution using `pf` has been posted [in this gist](https://gist.github.com/zhoutong/8adca7038639f0f5fb0e). – lyschoening Oct 17 '14 at 14:27

How to permanently redirect port 80 to 8080 on OS X?

2 Answers2

Persistence:

Ensure that there are not leading or trailing whitespaces in any line.