I want to set DSCP value on specific traffic coming out of an OS X machine. I think the right way is to use pf, but I can't figure how to write the rule correctly. I've tried something like this but when I try to load the file there is a syntax error:
pass out proto udp from any to any port 4321 set tos 0x20
Any idea of the right syntax ?
Any idea of the right syntax ?
OpenBSD’s PF for Mac OS X is mostly outdated, broken, rotten.
You're trying syntax that is used in modern OpenBSD's PF version.
Meanwhile before they changed it in OpenBSD, set-tos could be applied only in a scrub-rule — OpenBSD 4.4 has it in its man pf.conf, check it out.
Back to "OpenBSD’s PF for Mac OS X is mostly outdated, broken, rotten". Since OpenBSD 4.4 was the first version with support of scrub … set-tos we can conclude that Apple ported PF's version < 4.4 (say, 4.3) that still's being shipped with pretty recent macOS releases. I have no idea whether they apply any bug fixes, but answer to your question would be "wrong OS for doing that with PF".
