HTTP Proxy query


#1

I’m trying to look at http traffic leaving my device that is destined for a web proxy (port 8080), that I’m hosting on vps I own.

I’ve tried running using the standard prerouting rule to take port 8080 and redirect it 9090 but mitmproxy doesn’t like it. I get absolute warnings when expecting relative.

I saw a number of years ago there was mode called “–spoof” and the original person who came up with it shared a diagram of what they wanted to achieve and it looks remarkably similar. https://github.com/mitmproxy/mitmproxy/pull/638

The mode was removed not long after it was merged.

Suppose my ask here does mitmproxy have a mode where it will act as the proxy the traffic is destined for?


#2

I think you can use the spoof source address option

Use the client’s IP for server-side connections. Combine with

–upstream-bind-address to spoof a fixed source address. Type bool.

spoof_source_address: false


#3

Interesting.

The “–spoof-source-address” is that only used with fully transparent mode?

I’ll give it a go and get back. Thanks for your help


#4

So I tried spoof-source-address and that produced the same error as before about getting relative instead resolute.

I tried running the proxy in regular mode and was able to see http traffic (which is great) I’m also getting https which I don’t care about and would prefer just to let that pass without mitmproxy trying to intercept it and mitm it. Is it possible to completely turn off the ssl mitm functionality? I just want to proxy the connection.

I should also further elaborate on my setup that I’m post NAT from my device that is doing the http proxying over port 8080.

Any ideas?


#5

So I’ve been able to use the “ignore” function while running in regular mode to say just proxy all 443, something like ‘^((?!80).)*$’

When trying to run in transparent mode I get an http protocol error, expecting e or r… get, absolute. Is this because I’m post nat?

@mhils any ideas?


#6

Did you take a look at http://docs.mitmproxy.org/en/stable/modes.html? --spoof seems to be entirely unrelated to what you want to achieve if I understand you correctly. You probably just want mitmproxy configured in upstream proxy mode and then redirect traffic to it?


#7

So as traffic is flowing through my box already destined for port 8080, will I need to apply iptables redirect to another port like 9090.

Then my command would look like “mitmproxy -U http://myvpsproxy:8080 -p 9090”.

What if i wanted to do the proxying on behalf of my device instead of passing it to my vpsproxy?