Last Updated: February 25, 2016
· destructuring

The tricks behind pow!

pow! has two superuser features I want to extract to work with my vagrant, openvpn setup: custom top-level domain and port forwarding so I can set up an app server on each workstation, like https://mikan.desu

To setup the desu top-level domain, create a file (as root) in /etc/resolver/desu:

# contents of /etc/resolver/desu
port 5053

The high level port is key because you don't need to be root to bind a dns service to that port. Requests for mikan.desu's address will go to, which could be a bind server or a vagrant guest.

To redirect traffic to port 80 and 443, sudo privileges are required but only to set up the network. Like the dns service, the web service will be bound to a high port without root privileges.

Enable forwarding:

sudo sysctl -w net.inet.ip.forwarding=1

Direct port 80 to 8080, port 443 to 8443:

sudo ipfw add fwd,8080 tcp from any to any 80 "in" 
sudo ipfw add fwd,8443 tcp from any to any 443 "in"