大泸网

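What Internet Sharing on a Mac Actually Does

Anonymous

This example uses macOS Sierra 10.12.5 with a wired internet connection. The Mac shares that connection over Wi-Fi for other devices to use, and the virtual network interface that corresponds to the shared Wi-Fi is bridge100.

Create a file named pfdump in the /usr/local/bin directory and paste in the following: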

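#!/bin/bash
# Recursively dump every pf anchor: filter rules (r), NAT rules (n), child anchors (A).

# pfprint <modifier> [anchor]: run "pfctl -s<modifier>", scoped to the anchor when one is given.
function pfprint() {
  if [ -n "$2" ];then
    sudo pfctl -a "$2" -s"$1" 2>/dev/null
  else
    sudo pfctl -s"$1" 2>/dev/null
  fi
}

# print_all [anchor]: print the anchor's rules prefixed with its name, then recurse into its children.
function print_all() {
  local p=$(printf "%-40s" "$1")
  (
    pfprint r "$1" | sed "s,^,r     ,"
    pfprint n "$1" | sed "s,^,n     ,"
    pfprint A "$1" | sed "s,^,A     ,"
  ) | sed "s,^,$p,"
  for a in `pfprint A "$1"`; do
    print_all "$a"
  done
}

# Start from the main ruleset (empty anchor name).
print_all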

Save the file, run chmod +x pfdump, then run the pfdump command. The output looks like this:

                                        r     scrub-anchor "com.apple/*" all fragment reassemble
                                        r     anchor "com.apple/*" all
                                        n     nat-anchor "com.apple/*" all
                                        n     rdr-anchor "com.apple/*" all
                                        A       com.apple
                                        A       com.apple.internet-sharing
                                        A       custompf.conf
com.apple                               r     anchor "200.AirDrop/*" all
com.apple                               r     anchor "250.ApplicationFirewall/*" all
com.apple                               A       com.apple/200.AirDrop
com.apple                               A       com.apple/250.ApplicationFirewall
com.apple                               A       com.apple/HTTP
com.apple/200.AirDrop                   A       com.apple/200.AirDrop/Bonjour
com.apple/200.AirDrop/Bonjour           r     pass in on p2p0 inet6 proto udp from any to any port = 5353 keep state
com.apple/200.AirDrop/Bonjour           r     pass out on p2p0 proto tcp all flags any keep state
com.apple/HTTP                          r     scrub-anchor "com.apple/*" all fragment reassemble
com.apple/HTTP                          r     anchor "com.apple/*" all
com.apple/HTTP                          r     anchor "custompf.conf" all
com.apple/HTTP                          n     nat-anchor "com.apple/*" all
com.apple/HTTP                          n     nat-anchor "custompf.conf" all
com.apple/HTTP                          n     rdr-anchor "com.apple/*" all
com.apple/HTTP                          n     rdr-anchor "custompf.conf" all
com.apple/HTTP                          A       com.apple/HTTP/com.apple
com.apple/HTTP                          A       com.apple/HTTP/custompf.conf
com.apple.internet-sharing              r     scrub-anchor "base_v4" all fragment reassemble
com.apple.internet-sharing              r     anchor "base_v4" all
com.apple.internet-sharing              n     nat-anchor "base_v4" all
com.apple.internet-sharing              n     rdr-anchor "base_v4" all
com.apple.internet-sharing              A       com.apple.internet-sharing/base_v4
com.apple.internet-sharing/base_v4      r     scrub on en0 all no-df fragment reassemble
com.apple.internet-sharing/base_v4      r     scrub on bridge100 all no-df max-mss 1460 fragment reassemble
com.apple.internet-sharing/base_v4      r     scrub on bridge100 proto esp all no-df fragment reassemble
com.apple.internet-sharing/base_v4      r     pass on en0 all flags any keep state
com.apple.internet-sharing/base_v4      r     pass on en0 proto esp all no state
com.apple.internet-sharing/base_v4      r     pass on bridge100 all flags any keep state rtable 4
com.apple.internet-sharing/base_v4      n     nat on en0 inet from 192.168.2.0/24 to any -> (en0:0) extfilter ei
com.apple.internet-sharing/base_v4      n     no nat on bridge100 inet from 192.168.2.1 to 192.168.2.0/24
com.apple.internet-sharing/base_v4      n     rdr on bridge100 inet proto tcp from 192.168.2.0/24 to any port = 21 -> 127.0.0.1 port 8021

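Here en0 is the wired network interface. The rules show that the shared network reaches the internet through the Mac's local wired connection, and that this works, in essence, because pf is used to forward the network packets.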
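To read the translation rules out of that dump without scanning it by eye, the added example below (not part of the original post) parses pfdump output and lists each nat / no nat / rdr rule with its anchor and interface, and reports whether the host is source-NATing for another network. The function names pf_translations, pf_is_natting and sample_pfdump are made up for this example; the sample lines are copied from the output above.

```shell
#!/bin/sh
# Added example (not from the original post): summarise the translation rules
# found in pfdump output as: anchor, action, interface, match, target (tab-separated).
pf_translations() {
  awk '{
    # The main ruleset has an empty anchor column, so its lines start with blanks.
    if ($0 ~ /^[ \t]/) { anchor = "(main)"; k = 1 } else { anchor = $1; k = 2 }
    if ($k != "n") next                              # keep the NAT ruleset only
    action = $(k + 1); i = k + 2
    if (action == "no") { action = "no " $i; i++ }   # "no nat" / "no rdr"
    if (action !~ /^(no )?(nat|rdr|binat)$/) next    # drops nat-anchor, rdr-anchor
    iface = "-"; cond = ""; target = ""; arrow = 0
    for (; i <= NF; i++) {
      if ($i == "on" && iface == "-") { iface = $(i + 1); i++; continue }
      if ($i == "->") { arrow = 1; continue }
      if (arrow) target = target (target == "" ? "" : " ") $i
      else       cond   = cond   (cond   == "" ? "" : " ") $i
    }
    if (target == "") target = "-"
    printf "%s\t%s\t%s\t%s\t%s\n", anchor, action, iface, cond, target
  }'
}

# Exit status 0 when some anchor source-NATs traffic, i.e. this host is
# routing for another network (what Internet Sharing sets up).
pf_is_natting() {
  pf_translations | awk -F'\t' '$2 == "nat" { found = 1 } END { exit !found }'
}

# Sample input: lines copied from the pfdump output shown above.
sample_pfdump() {
  cat <<'EOF'
                                        n     nat-anchor "com.apple/*" all
com.apple.internet-sharing              n     nat-anchor "base_v4" all
com.apple.internet-sharing/base_v4      r     pass on bridge100 all flags any keep state rtable 4
com.apple.internet-sharing/base_v4      n     nat on en0 inet from 192.168.2.0/24 to any -> (en0:0) extfilter ei
com.apple.internet-sharing/base_v4      n     no nat on bridge100 inet from 192.168.2.1 to 192.168.2.0/24
com.apple.internet-sharing/base_v4      n     rdr on bridge100 inet proto tcp from 192.168.2.0/24 to any port = 21 -> 127.0.0.1 port 8021
EOF
}

sample_pfdump | pf_translations
```

On a real machine, pipe the script's output in instead of the sample: pfdump | pf_translations, or pfdump | pf_is_natting && echo "this Mac is NATing for another network".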
