diff -ruN sslsniff-0.6/SSLConnectionManager.cpp sslsniff-0.6-pfhack/SSLConnectionManager.cpp
--- sslsniff-0.6/SSLConnectionManager.cpp 2009-09-11 00:40:27.000000000 +0200
+++ sslsniff-0.6-pfhack/SSLConnectionManager.cpp 2011-04-19 13:26:01.000000000 +0200
@@ -170,3 +170,6 @@
 interceptSSL(clientSocket, destination, wildcardOK);
 }
+// XXX hack to avoid messing with autotools
+#include "util/Destination.cpp"
+
diff -ruN sslsniff-0.6/http/HttpConnectionManager.cpp sslsniff-0.6-pfhack/http/HttpConnectionManager.cpp
--- sslsniff-0.6/http/HttpConnectionManager.cpp 2009-09-11 00:47:30.000000000 +0200
+++ sslsniff-0.6-pfhack/http/HttpConnectionManager.cpp 2011-04-19 10:29:32.000000000 +0200
@@ -29,9 +29,6 @@
 #include
 #include
-#include
-#include
-
 #include "../util/Destination.hpp"
 #include "../util/Util.hpp"
 #include "../FingerprintManager.hpp"
diff -ruN sslsniff-0.6/util/Destination.cpp sslsniff-0.6-pfhack/util/Destination.cpp
--- sslsniff-0.6/util/Destination.cpp 1970-01-01 01:00:00.000000000 +0100
+++ sslsniff-0.6-pfhack/util/Destination.cpp 2011-04-19 13:23:27.000000000 +0200
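Review bot: The appended `#include "util/Destination.cpp"` is the only thing that gets the new Destination.cpp compiled, and it also masks an include-path dependency in that file: Destination.cpp's own `#include "util/Destination.hpp"` resolves only relative to this top-level translation unit, not relative to util/, so the file will fail to build the moment it is added to the build as its own object (the sibling http/HttpConnectionManager.cpp in the next hunk reaches the same header as `"../util/Destination.hpp"`). Since quoted includes are searched first in the directory of the file containing the directive, `#include "Destination.hpp"` inside util/Destination.cpp works both when textually included here and when compiled on its own. Note also that the `#define HAVE_PF` set at file scope in Destination.cpp becomes part of this translation unit after the include; harmless at end of file, but it would change the preprocessing of anything placed below it.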
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 2002-2009 Moxie Marlinspike
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ * USA
+ */
+
+// XXX define one of these through autoconf
+#define HAVE_PF
+// #define HAVE_NETFILTER
+
+#ifdef HAVE_NETFILTER
+#include
+#endif
+
+#ifdef HAVE_PF
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#endif
+
+#include
+#include "util/Destination.hpp"
+
+int
+Destination::getOriginalDestination(boost::asio::ip::tcp::socket &socket,
+ boost::asio::ip::tcp::endpoint &originalDestination)
+{
+#ifdef HAVE_NETFILTER
+ struct sockaddr_in serverAddr;
+ int fd = (int)socket.native();
+ int size = sizeof(serverAddr);
+
+ if (getsockopt(fd, SOL_IP, SO_ORIGINAL_DST, &serverAddr, (socklen_t*)&size) < 0) {
+ perror("Could not determine socket's original destination.");
+ throw IndeterminateDestinationException();
+ }
+
+ originalDestination = boost::asio::ip::tcp::endpoint(boost::asio::ip::address_v4(ntohl(serverAddr.sin_addr.s_addr)), ntohs(serverAddr.sin_port));
+ return 1;
+#elif defined(HAVE_PF)
+ boost::asio::ip::tcp::endpoint le = socket.local_endpoint();
+ boost::asio::ip::tcp::endpoint re = socket.remote_endpoint();
+ static int fd = -1;
+ struct pfioc_natlook nl;
+
+ if (fd < 0) {
+ fd = open("/dev/pf", O_RDONLY);
+ if (fd >= 0) {
+ fcntl(fd, F_SETFD,
fcntl(fd, F_GETFD) | FD_CLOEXEC);
+ }
+ }
+ if (fd < 0) {
+ perror("PF open failed");
+ throw IndeterminateDestinationException();
+ }
+
+ memset(&nl, 0, sizeof(struct pfioc_natlook));
+ nl.saddr.v4.s_addr = htonl(re.address().to_v4().to_ulong());
+ nl.sport = htons(re.port());
+ nl.daddr.v4.s_addr = htonl(le.address().to_v4().to_ulong());
+ nl.dport = htons(le.port());
+ nl.af = AF_INET;
+ nl.proto = IPPROTO_TCP;
+ nl.direction = PF_OUT;
+
+ if (ioctl(fd, DIOCNATLOOK, &nl)) {
+ if (errno != ENOENT) {
+ perror("PF lookup failed: ioctl(DIOCNATLOOK)");
+ close(fd);
+ fd = -1;
+ }
+ throw IndeterminateDestinationException();
+ }
+
+ if (nl.daddr.v4.s_addr == nl.rdaddr.v4.s_addr && nl.dport == nl.rdport) {
+ /* no destination addr/port rewriting in place */
+ throw IndeterminateDestinationException();
+ }
+
+ originalDestination = boost::asio::ip::tcp::endpoint(boost::asio::ip::address_v4(ntohl(nl.rdaddr.v4.s_addr)), ntohs(nl.rdport));
+ return 1;
+#else
+ throw IndeterminateDestinationException();
+#endif
+}
+
diff -ruN sslsniff-0.6/util/Destination.hpp sslsniff-0.6-pfhack/util/Destination.hpp
--- sslsniff-0.6/util/Destination.hpp 2009-09-11 00:48:15.000000000 +0200
+++ sslsniff-0.6-pfhack/util/Destination.hpp 2011-04-19 10:29:32.000000000 +0200
@@ -20,8 +20,6 @@
 #ifndef __DESTINATION_H__
 #define __DESTINATION_H__
-#include
-#include
 #include
 class IndeterminateDestinationException : public std::exception {
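Review bot: In the PF branch, `re.address().to_v4()` and `le.address().to_v4()` throw a Boost address-cast exception (derived from std::bad_cast in the Boost versions of this era) when the accepted socket is IPv6, and `nl.af` is fixed to `AF_INET`, so an IPv6 connection leaves this function with an exception type other than IndeterminateDestinationException, which appears to be the only one callers handle (the call sites are not in this diff). A one-line guard before `memset(&nl, ...)` keeps the documented contract: `if (!re.address().is_v4() || !le.address().is_v4()) throw IndeterminateDestinationException();`. The function-static `fd` is opened lazily with no synchronization; if the io_service is ever run from more than one thread, two first calls can race and leak one descriptor, so at minimum document the assumption, e.g. `// /dev/pf handle opened once and kept; assumes single-threaded callers`. In the netfilter branch the `(socklen_t*)&size` cast goes away if the variable is declared `socklen_t size = sizeof(serverAddr);`, which also avoids relying on int and socklen_t having the same width.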
@@ -36,22 +34,7 @@
 public:
 static int getOriginalDestination(boost::asio::ip::tcp::socket &socket,
- boost::asio::ip::tcp::endpoint &originalDestination)
- {
- struct sockaddr_in serverAddr;
- int fd = (int)socket.native();
- int size = sizeof(serverAddr);
-
- if (getsockopt(fd, SOL_IP, SO_ORIGINAL_DST, &serverAddr, (socklen_t*)&size) < 0) {
- perror("Could not determine socket's original destination.");
- throw IndeterminateDestinationException();
- }
-
- originalDestination = boost::asio::ip::tcp::endpoint(boost::asio::ip::address_v4(ntohl(serverAddr.sin_addr.s_addr)), ntohs(serverAddr.sin_port));
-
- return 1;
- }
+ boost::asio::ip::tcp::endpoint &originalDestination);
 };
-
 #endif