Is there any merit in installing a virtual machine with OpenBSD and pf (or any other simple and secure OS + iptable) on a mac laptop and routing all the traffic through that machine? I read a similar set up for corporate laptops running windows (I thing I read this in BSD magazine). They claim that Windows machines are too hard to secure and if you are taking them to the wild (public wireless, hotels, ...) you'd better but a secure OS in between! If you think this is a good idea, how you route all the traffic on a mac through the virtual machine and prevent any application or service to go directly? I am not sure if just setting the gateway will do that, what about DNS? you don't want anybody to fool you with DNS cache poisoning or similar attacks either.
SnapOverflow
DNS cache poisoning is a separate issue from having a virtualbox firewall. Neither of which will encrypt your internet session. I think you want to use an SSH tunnel to a trusted server, as this will protect you from local DNS poisoning attacks (but 'they' might still attack your trusted server :-)
In my opinion, and with my resources, it is much easier to run an SSH tunnel to one of my trusted servers, and then access the internet through that (to protect myself from a hostile WLAN).
Also, I think on OSX you should have more than capable services to do firewalling: isn't there a pf or iptables app for your version of OSX?