Iptables rules for mitmproxy


#1

I’m looking for the correct iptables rules for the following scenario:

Router R running ddwrt (so I can set iptables rules, but can’t install mitmproxy / wireshark)

Device A which is sending traffic I want to analyze to the internet. Device B running Ubuntu on which I have mitmproxy and wireshark. Many other devices on the network connected to R which I don’t want to disrupt.

How do I set up the rules so that traffic from A (and only traffic from A) is routed to device B? I don’t have any control over the device A besides setting to which wifi AP it connects.


#2

Hi, did you take a look at http://docs.mitmproxy.org/en/stable/modes.html?
Most of the time, just setting a custom gateway is the easiest way (if you need transparent mode - regular mode would be even easier). If you want to do redirection on the router, take a look at https://github.com/mitmproxy/mitmproxy/blob/master/docs/custom-routing.txt.


#3

Thanks, now I have read those. I’m doing the following, which still doesn’t work:

On device B I start mitmproxy like this: sudo mitmproxy -T --host -a -p 80

On my router R I added a static routing rule that tells A to use B as a gateway.
I verified this worked by running route on A:

> route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         rpi3.local      0.0.0.0         UG    0      0        0 wlan0
192.168.0.0     *               255.255.255.0   U     9      0        0 wlan0

I also verified this by tracerouting a site (the router is a second hop):

traceroute ynet.co.il
traceroute to ynet.co.il (23.214.81.106), 30 hops max, 60 byte packets

 1  * * *
 2  Netgear (192.168.0.1)  1.808 ms  2.094 ms  1.964 ms

However when I run wget I don’t see mitmproxy intercepting it:
wget http://www.ynet.co.il/home/0,7340,L-8,00.html

What am I missing?


#4

Are you redirecting traffic on B to mitmproxy? See steps 3/4 at http://docs.mitmproxy.org/en/stable/transparent/linux.html.


#5

Now I followed the instructions at https://github.com/mitmproxy/mitmproxy/blob/master/docs/custom-routing.txt precisely and it worked.

On ddwrt iptables -t mangle -A PREROUTING -j MARK --set-mark 3 -p tcp -m multiport --dports 80,443 gave me a segmentation fault for some reason, but running it twice with each port separately worked.

Thank you!
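
The setup the thread arrives at, written out as an added example (not posted by anyone in the thread and not taken from the mitmproxy docs): a dry-run script that prints the router-side and proxy-side commands, marking only traffic from device A and using one rule per port instead of -m multiport. The addresses, interface names, routing table number 2 and proxy port 8080 are assumptions; mark 3 and ports 80/443 are the values quoted above.

```shell
#!/bin/sh
# Dry run: prints the commands for review, executes nothing.
# Assumed values (not from the thread): TABLE, sample IPs, interfaces, port 8080.
PORTS="80 443"   # ports quoted in the thread
MARK=3           # mark value quoted in the thread
TABLE=2          # assumed policy-routing table number

# Router R: mark TCP 80/443 coming from device A only, then send marked
# packets to B. Matching on -s A means B's own outbound traffic is never
# marked, so no loop-avoidance rule is needed and other devices are untouched.
router_rules() {
    a_ip=$1; b_ip=$2; lan_if=$3
    echo "# on router R"
    for port in $PORTS; do
        # one rule per port: avoids the multiport match that crashed on ddwrt
        echo "iptables -t mangle -A PREROUTING -s $a_ip -p tcp --dport $port -j MARK --set-mark $MARK"
    done
    echo "ip rule add fwmark $MARK table $TABLE"
    echo "ip route add default via $b_ip dev $lan_if table $TABLE"
}

# Proxy host B: forward packets, suppress ICMP redirects (A and B share a
# subnet), and hand the redirected ports to mitmproxy's transparent listener.
proxy_rules() {
    in_if=$1; proxy_port=$2
    echo "# on proxy host B"
    echo "sysctl -w net.ipv4.ip_forward=1"
    echo "sysctl -w net.ipv4.conf.all.send_redirects=0"
    for port in $PORTS; do
        echo "iptables -t nat -A PREROUTING -i $in_if -p tcp --dport $port -j REDIRECT --to-port $proxy_port"
    done
}

# Constructed sample values: A = 192.168.0.50, B = 192.168.0.60
router_rules 192.168.0.50 192.168.0.60 br0
proxy_rules eth0 8080
```

Review the printed commands before running them on R and B. To undo, repeat each iptables line with -D in place of -A and use "ip rule del" / "ip route del" for the routing entries.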


#6

Hi,

I’m kind of lost with the iptables rules for my configuration. Here is my set-up:

Set-top-box > Computer running Ubuntu with mitmproxy > Internet

My computer has 2 Ethernet NICs (eth0 and eth1). eth0 is connected to the set-top-box and eth1 is connected to an Internet box. I created a network bridge (called br0) between them. How can I redirect the HTTP traffic from my set-top-box to the listening port of mitmproxy?