Blocking Outgoing IP on Mac Using PF

During web application development that requires calling an API from external source, sometimes we want to simulate several network condition for error prevention. One of the error is caused by our server firewall blocking external call or our IP blocked by our external source. To simulate this problem in Mac, we can use PF.

First we need to edit PF configuration :

sudo vim /etc/pf.conf

Add IP address of the external service. Place following rule to the bottom of the config :

block drop from any to <IP Address>

Load the config by running :

sudo pfctl -f /etc/pf.conf

Then enable by running :

sudo pfctl -v

At this point, if you try to make a request to the blocked IP address on PF, you will get time out error. Then we start adding add exception for this particular case to prevent our user waiting for endless external call. This method can also be used to simulate CURLOPT_CONNECTTIMEOUT on curl.

To disable PF, just run :

sudo pfctl -d
One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.