MacOS – Redirect traffic using PF along with Internet Sharing

Tags: internet-sharing, macos, network, proxy, wifi

The short version:

How do I redirect all traffic from en2 port 80/443 to 127.0.0.1:8080 when I have enabled Internet Sharing in OS X Mountain Lion (10.8)?

Some background:

I am doing a master thesis where I will evaluate communication security for various smartphone apps. I have chosen to use my new MacBook Air as the router.

I have connected my Air to the Internet with USB Ethernet and set up Internet Sharing to my Wifi. This works fine. I can connect other devices to my Air via wifi and access the Internet. Great!

Now I want to intercept this traffic and modify it on-the-fly. I figured I need a proxy to do this but I need a transparent one, where I don't have to do any configuration on the device. I found that mitmproxy offers exactly these features. So I have it running on 127.0.0.1:8080, ready to intercept traffic.

Unfortunately I am stuck trying to redirect my traffic coming in from the wifi (en2) on port 80 and 443 to 127.0.0.1:8080. The mitmproxy docs suggest a config for pfctl but it doesn't work. I noticed that Apple has provided some config for Internet Sharing, enabling NAT. So if I don't use their configuration then the Internet Sharing stops working. And when I try to add the rdr lines to their config it doesn't take effect (tried several places in the file /etc/pf.conf). My traffic just passes on to the Internet, bypassing the mitmproxy.

Best Answer

I found the answer.

I loaded my rules as part of the anchor com.apple/100.InternetSharing/natpmp which is the one used for Internet Sharing.

The file mitm.pf.conf contains the rules:

rdr on bridge0 proto tcp from any to any port 80 -> 127.0.0.1 port 8080
rdr on bridge0 proto tcp from any to any port 443 -> 127.0.0.1 port 8080

Load it using the Internet Sharing anchor:

sudo pfctl -a com.apple/100.InternetSharing/natpmp -f mitm.pf.conf
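The answer above gives the two rdr lines and the single pfctl command; what it does not show is how to confirm the kernel actually holds the redirect, or how to take it out again without disturbing Internet Sharing. The following script is an added example (not part of the original question or answer, and not mitmproxy's or Apple's own code) that wraps the procedure in four small steps: generate the rules for a chosen interface and proxy port (defaults are the answer's bridge0 and 8080), load them into the Internet Sharing anchor, verify them with `pfctl -s nat`, and flush them. The anchor name is the one from the answer; the rules file path /tmp/mitm.pf.conf and the subcommand names are my own choices.

```shell
#!/bin/sh
# Added example: manage transparent-proxy rdr rules inside the Internet Sharing pf anchor.
# Only the anchor name comes from the answer; file path and subcommands are assumptions.

ANCHOR="com.apple/100.InternetSharing/natpmp"   # anchor used by Internet Sharing (from the answer)
RULES_FILE="${RULES_FILE:-/tmp/mitm.pf.conf}"  # constructed default location for the rules

# Print the rdr rules that send TCP 80 and 443 arriving on interface $1 to 127.0.0.1:$2.
mitm_rules() {
    iface="${1:-bridge0}"
    proxy_port="${2:-8080}"
    for dport in 80 443; do
        printf 'rdr on %s proto tcp from any to any port %s -> 127.0.0.1 port %s\n' \
            "$iface" "$dport" "$proxy_port"
    done
}

# Write the rules and load them into the anchor (needs root and macOS pfctl).
# Note: -f replaces whatever ruleset the anchor currently holds, so inspect it first.
load_rules() {
    mitm_rules "$1" "$2" > "$RULES_FILE"
    pfctl -a "$ANCHOR" -f "$RULES_FILE"
    pfctl -e 2>/dev/null || true   # enable pf if it is not already; harmless when it is
}

# Ask pf what the anchor really contains; succeeds only if a redirect to 127.0.0.1 is present.
verify_rules() {
    pfctl -a "$ANCHOR" -s nat | grep -q '^rdr .*127\.0\.0\.1 port'
}

# Flush only the NAT/rdr rules of this anchor, leaving the rest of pf untouched.
unload_rules() {
    pfctl -a "$ANCHOR" -F nat
}

case "${1:-preview}" in
    preview) mitm_rules "${2:-bridge0}" "${3:-8080}" ;;
    load)    load_rules "${2:-bridge0}" "${3:-8080}" && verify_rules && echo "redirect active" ;;
    verify)  verify_rules && echo "redirect active" ;;
    unload)  unload_rules ;;
esac
```

Run `sh mitm-redirect.sh preview` to see the rules without touching pf, `sudo sh mitm-redirect.sh load` to install and immediately verify them, and `sudo sh mitm-redirect.sh unload` when the capture session is over. Because loading into an anchor replaces that anchor's existing ruleset, running `sudo pfctl -a com.apple/100.InternetSharing/natpmp -s nat` before the first load tells you whether Internet Sharing had already placed anything there that you would be overwriting.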