Colin Charles Agenda

Secure travelling with ipfw on OS X?

Dear (mac/bsd) Lazyweb,

Any idea how I can do the following, on Mac OS X?

iptables -t nat -A PREROUTING -p tcp -d my.pop.server —dport 110 -j DNAT —to-destination 127.0.0.1:1235
iptables -t nat -A OUTPUT -p tcp -d my.pop.server —dport 110 -j DNAT —to-destination 127.0.0.1:1235

Does ipfw(8) work in OS X? What magic will I have to use for this to work? All I really want is for my.pop.server:110 to point to localhost:1235, so if the SSH tunnel isn’t up, I can’t POP my mail. I wrote about this in Secure travelling tips with iptables and SSH port forwarding, as that’s what I do on Linux.

Why do I ask? I’m thinking that my personal laptop (currently a Dell Inspiron 640m running Linux) might actually be replaced with a MacBook Air in the near future (lighter, easier to carry, etc.). Oh, if you have comments about the Air, don’t hesitate to tell them to me as well.