feat: implement comprehensive TCP jailing for macOS

blink-so[bot] · f0ssel · blink-so[bot] · commit f20cc3516f70 · 2025-09-10T19:35:39.000Z
Extended the comprehensive TCP jailing approach to macOS using PF rules.
Replaced port-specific rules (80, 443) with comprehensive TCP interception
to prevent bypass via non-standard ports.

## macOS Security Improvements
- **Before**: Only HTTP (80) and HTTPS (443) intercepted
- **After**: ALL TCP traffic from jailed group intercepted

## Key Changes
- Removed port-specific PF rules (port 80, port 443)
- Added comprehensive TCP redirection for all ports
- Routes ALL TCP traffic to HTTPS proxy port
- Prevents bypass via database ports, SSH, custom APIs, etc.

## Bypass Prevention (macOS)
Applications can no longer escape jail by using:
- HTTP on non-standard ports (8080, 3000, etc.)
- Database connections (3306, 5432, 27017)
- SSH connections (22)
- Custom API ports
- Any TCP-based protocol on any port

This ensures both Linux and macOS provide identical comprehensive
network jailing capabilities.

Tested: Build succeeds, all tests pass.

Co-authored-by: f0ssel &lt;19379394+f0ssel@users.noreply.github.com&gt;
diff --git a/namespace/macos.go b/namespace/macos.go
@@ -243,43 +243,42 @@ func (m *MacOSNetJail) getDefaultInterface() (string, error) {
 	return "en0", nil
 }
 
-// createPFRules creates PF rules for traffic diversion
+// createPFRules creates PF rules for comprehensive TCP traffic diversion
 func (m *MacOSNetJail) createPFRules() (string, error) {
 	// Get the default network interface
 	iface, err := m.getDefaultInterface()
 	if err != nil {
 		return "", fmt.Errorf("failed to get default interface: %v", err)
 	}
 
-	// Create PF rules following httpjail's working pattern
-	rules := fmt.Sprintf(`# boundary PF rules for GID %d on interface %s
-# First, redirect traffic arriving on lo0 to our proxy ports
-rdr pass on lo0 inet proto tcp from any to any port 80 -> 127.0.0.1 port %d
-rdr pass on lo0 inet proto tcp from any to any port 443 -> 127.0.0.1 port %d
+	// Create comprehensive PF rules for ALL TCP traffic interception
+	// This prevents bypass via non-standard ports (8080, 3306, 22, etc.)
+	rules := fmt.Sprintf(`# comprehensive TCP jailing PF rules for GID %d on interface %s
+# COMPREHENSIVE APPROACH: Intercept ALL TCP traffic from the jailed group
+# This ensures NO TCP traffic can bypass the proxy by using alternative ports
 
-# Route boundary group traffic to lo0 where it will be redirected
-pass out route-to (lo0 127.0.0.1) inet proto tcp from any to any port 80 group %d keep state
-pass out route-to (lo0 127.0.0.1) inet proto tcp from any to any port 443 group %d keep state
+# First, redirect ALL TCP traffic arriving on lo0 to our HTTPS proxy port
+# The HTTPS proxy can handle both HTTP and HTTPS traffic
+rdr pass on lo0 inet proto tcp from any to any -> 127.0.0.1 port %d
 
-# Also handle traffic on the specific interface
-pass out on %s route-to (lo0 127.0.0.1) inet proto tcp from any to any port 80 group %d keep state
-pass out on %s route-to (lo0 127.0.0.1) inet proto tcp from any to any port 443 group %d keep state
+# Route ALL TCP traffic from boundary group to lo0 where it will be redirected
+pass out route-to (lo0 127.0.0.1) inet proto tcp from any to any group %d keep state
+
+# Also handle ALL TCP traffic on the specific interface from the group
+pass out on %s route-to (lo0 127.0.0.1) inet proto tcp from any to any group %d keep state
 
 # Allow all loopback traffic
 pass on lo0 all
 `,
 		m.groupID,
 		iface,
-		m.config.HTTPPort,
-		m.config.HTTPSPort,
-		m.groupID,
-		m.groupID,
-		iface,
+		m.config.HTTPSPort, // Use HTTPS proxy port for all TCP traffic
 		m.groupID,
 		iface,
 		m.groupID,
 	)
 
+	m.logger.Debug("Comprehensive TCP jailing enabled for macOS", "group_id", m.groupID, "proxy_port", m.config.HTTPSPort)
 	return rules, nil
 }
 
