Using PacketFilter to transparently proxy packets in OS X [closed]

Why not try a Loopback Alias:

  1. Create a custom alias for the loopback interface 127.0.0.2.
  2. Then, redirect the traffic to 127.0.0.2:12300.

This way, even if pf rewrites the destination IP to 127.0.0.2, it would be different from 127.0.0.1. This could perhaps make it possible for you to differentiate traffic between the IP addresses.

ifconfig lo0 alias 127.0.0.2

Then for your pf rule, you could do something like this:

rdr pass proto tcp from any to any -> 127.0.0.2 port 12300

If this doesn’t work, would it be possible to use a third-party package like redsocks? Keep in mind this won’t be a drop-in replacement for the exact ipfw functionality; however, with some configuration and potentially some scripting, perhaps this could be used to serve a similar purpose.

If your primary objective is to work with sshuttle specifically, I recommend looking into any updates or forks of the project that might have arisen to address macOS’s changes, as mentioned previously.
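
Added example, not part of the original answer: a listener bound only to the 127.0.0.2 alias, showing how the proxy side can tell redirected connections apart from anything addressed to 127.0.0.1. The function names are illustrative assumptions; the address and port are the ones used in the answer, and on macOS the alias must exist before the bind succeeds.

```python
import socket

REDIRECT_ADDR = "127.0.0.2"  # loopback alias from the answer
PROXY_PORT = 12300           # port from the answer's rdr rule


def open_proxy_listener(addr=REDIRECT_ADDR, port=PROXY_PORT):
    """Listen on the alias only, so nothing sent to 127.0.0.1 reaches the proxy."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((addr, port))  # fails with EADDRNOTAVAIL if the alias is missing
    srv.listen(16)
    srv.settimeout(2)
    return srv


def arrives_at(srv, dest_ip):
    """Connect to dest_ip on the listener's port (constructed test traffic).

    Returns the local address the listener sees on the accepted socket,
    or None when the connection is refused because the listener is not
    bound to dest_ip.
    """
    port = srv.getsockname()[1]
    try:
        client = socket.create_connection((dest_ip, port), timeout=2)
    except ConnectionRefusedError:
        return None
    with client:
        conn, _peer = srv.accept()
        with conn:
            # After a pf rdr rewrite this is the redirect target,
            # i.e. the alias address rather than 127.0.0.1.
            return conn.getsockname()[0]


if __name__ == "__main__":
    listener = open_proxy_listener()
    try:
        for dest in (REDIRECT_ADDR, "127.0.0.1"):
            print(dest, "->", arrives_at(listener, dest))
    finally:
        listener.close()
```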
