You have to disable System Integrity Protection to accomplish this. Now modify /System/Library/LaunchDaemons/ from Parse and test your anchor file to make sure there are no errors: sudo pfctl -vnf /etc/pf.anchors/ Load anchor "com.apple" from "/etc/pf.anchors/com.apple" Original file: scrub-anchor "com.apple/*" Modify the file /private/etc/pf.conf but keep a trailing empty line The same goes for port 80 in mybadports.Ī simple but less flexible solution is: block drop out proto tcp from any to port 443 The additional domain names in mybadhosts are just an example how to add additional domains. ![]() With the following content and a trailing empty line mybadhosts = ""īlock drop out proto tcp from any to $mybadhosts port $mybadports ![]() ![]() To permanently block outgoing traffic to specific domains you should create a new anchor file and add it to pf.conf.Ĭreate an anchor file in /private/etc/pf.anchors sudo touch /private/etc/pf.anchors/
0 Comments
Leave a Reply. |