Connection killed by block_global when trying to connect remotely


#1
Steps to reproduce the problem:
  1. Create a ubuntu vps with python 3.6 I used ubuntu 18.04 and install pip
  2. pip install mitmproxy, mitmproxy -p 3128
  3. Connect from my home PC and the connection gets killed by block_global
Comments

I tried a bunch of options like --set block_global false but they’re all unrecognized I can’t find docs anywhere on the exact command/what I need to do.

Error

Client connection from myip killed by block_global
myip:62409: Connection killed
myip:62409: clientdisconnect


#2

Ok, three things, it seems you need to work with mitmweb, because the proxy would be accessible from the root terminal, so attempt these in order:

  1. mitmweb --set block_global=false. Consider making changes directly to the config file as my post below.

  2. Disable firewalld or ufw depending on what OS you have, to ensure access is not blocked by any of them or similar. If this resolves it, add the respective rules, then enable them back.

  3. The port you used in your example,is the default port for Squid proxy, from which I can infer you have a Squid so ensure its not running, and try MITM with the default ports first, for a simpler diagnosis. Once, you know what’s wrong go for any port

  4. Modify the config file ~/.mitmproxy/config.yaml by allowing “true” for remote access as below:
    allow_remote=true

Having said that, its totally unwise to manage the proxy client side or remotely, unless you restrict that with a rule only for your public IP. The other point, assuming you want to access the mitmweb, its very nice but it lacks a lot of functionality, so I realized, I will deal with it sooner or later, so let it be sooner, after I familiarize myself with the web version to the available commands and options, then go server-side with mitmproxy
Hope this helps anyone


#3

Ok, an update to step 4:
allow_remote is deprecated. I will examine the options tomorrow in details.

Just for the record, you will find it under the profile that installed it, in my case that is root (this should be a privileged user for you NOT ROOT, this is only one of my testing droplets),

nano /root/ .mitmproxy/config.yaml

The output of the config is shown below, this is handier for me to edit it directly or to view the active settings

The above shows the block_global as per the first point in my previous post

Again,hope this be helpful to anyone


#4

Ok, initially I set block_global thru the set, and I got the same error as yours.

It didn’t work as the config file was still “true”, I edited the config file, stopped firewalld and installled mitm certificate.

This is a remote proxy as you can see I have two IPs now, so MITMproxy is working remotely, intercepting google which sees me in the US thru my proxified connection, while am in Egypt.