Forward LAN traffic to localhost web server on the same MacBook Pro
Using a stock, early 2011 model MacBook Pro, I needed to access my secure webserver, which runs on localhost and the default port for HTTPS of 443 (127.0.0.1:443), with remote clients on the LAN. The LAN at my home office is 10.0.0.0/24.
The following assumes you have edited httpd.conf and have HTTPS configured correctly; that is, you are able to point a web browser to https://127.0.0.1/ and see the site you are serving with httpd.
1) Turn on Web Sharing in System Preferences/Sharing. This will open a port on the LAN for httpd to serve requests.
2) Turn on Remote Login in System Preferences/Sharing. This will start sshd to enable port forwarding with ssh at the command line.
3) Using a shell enter:
a ) 10.0.0.29 is the address of my laptop's interface on the LAN.
b ) 8080 is the port that ssh will listen to and then forward traffic to and from.
c ) 127.0.0.1:443 is the address:port on my laptop that ssh will forward traffic to, when it receives traffic on 10.0.0.29:8080
d ) your_username@localhost is the login for the local sshd service that was started by enabling Sharing/Remote Login in System Prefernces
By visiting https://10.0.0.29:8080/ on the 10.0.0.0/24 network with say, an iPhone, you will be able to see the website that is configured in httpd as 127.0.0.1:443 on the MacBook. This helps with local development since you don't have to create a new cert each time your dynamic LAN address changes; it is only a matter of changing the address and port that ssh will forward to localhost.
The following assumes you have edited httpd.conf and have HTTPS configured correctly; that is, you are able to point a web browser to https://127.0.0.1/ and see the site you are serving with httpd.
1) Turn on Web Sharing in System Preferences/Sharing. This will open a port on the LAN for httpd to serve requests.
2) Turn on Remote Login in System Preferences/Sharing. This will start sshd to enable port forwarding with ssh at the command line.
3) Using a shell enter:
ssh -NL 10.0.0.29:8080:127.0.0.1:443 your_username@localhost
a ) 10.0.0.29 is the address of my laptop's interface on the LAN.
b ) 8080 is the port that ssh will listen to and then forward traffic to and from.
c ) 127.0.0.1:443 is the address:port on my laptop that ssh will forward traffic to, when it receives traffic on 10.0.0.29:8080
d ) your_username@localhost is the login for the local sshd service that was started by enabling Sharing/Remote Login in System Prefernces
By visiting https://10.0.0.29:8080/ on the 10.0.0.0/24 network with say, an iPhone, you will be able to see the website that is configured in httpd as 127.0.0.1:443 on the MacBook. This helps with local development since you don't have to create a new cert each time your dynamic LAN address changes; it is only a matter of changing the address and port that ssh will forward to localhost.