LinkSys router traffic to mitmproxy

I have LinkSys router get connected local devices to ethernet ports of it with IP addresses assigned (192.168.1.X) and WAN port connected to a network-A and network-A connected to internet.

I have written below rules in LinkSys router to route all HTTP traffic to Ubuntu machine running mitmproxy with transparent mode on 8080 port .

#!/bin/sh
PROXY_IP=Ubuntu-IP-Address
PROXY_PORT=80
LAN_IP=nvram get lan_ipaddr
LAN_NET=$LAN_IP/nvram get lan_netmask

iptables -t nat -A PREROUTING -i br0 -s $LAN_NET -d $LAN_NET -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_IP -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT
iptables -t nat -A POSTROUTING -o br0 -s $LAN_NET -d $PROXY_IP -p tcp -j SNAT --to $LAN_IP
iptables -I FORWARD -i br0 -o br0 -s $LAN_NET -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT

Also, I have written below rule on Ubuntu machine to listen all traffic
Iptables -t nat -I PREROUTING -p tcp —dport 80 -j DNAT —to Ubuntu-IP-Address:8080

So, When mitmproxy captures the traffic from connected devices of LinkSys, Mitmproxy shows 404 because details section shows that mitmproxy hitting at Ubuntu-Server:80 like below:

Server : Ubuntu-IP-Address:80
Client: LinkSys-WAN-IP:randam port

Could you please help me to identify issue so that mitmproxy should hit real IP addresses of the HTTP Urls not to the Ubuntu IP address.

I have caught the issue that I was doing NAT before sending network traffic to MITM Proxy.
I have gone through over the details on URL https://docs.mitmproxy.org/stable/concepts-modes/ and found below note:
“Network Address Translation should not be applied before the traffic reaches mitmproxy, since this would remove the target information, leaving mitmproxy unable to determine the real destination.”

To get this issue resolve, I had changed the default gateway of router to my mitmproxy machine and it works!
Thanks MitmProxy Team.

For anyone else encountering this issue, here are the firewall rules that I used to proxy traffic via the router from one device to a machine running mitmproxy in transparent mode. Tested on the DD-WRT firmware.

#!/bin/sh
PROXIFYING_MACHINE=192.168.0.145
MACHINE_TO_PROXIFY=192.168.0.113
iptables -I PREROUTING 1 -t mangle -s $MACHINE_TO_PROXIFY ! -d nvram get lan_ipaddr/nvram get lan_netmask -p tcp -m multiport --dports 80,443 -j MARK --set-mark 3
iptables -I PREROUTING 2 -t mangle -s $MACHINE_TO_PROXIFY ! -d nvram get lan_ipaddr/nvram get lan_netmask -p tcp -m multiport --dports 80,443 -j CONNMARK --save-mark
iptables -I PREROUTING 3 -t mangle -s $MACHINE_TO_PROXIFY ! -d nvram get wan_ipaddr -p tcp -m multiport --dports 80,443 -j MARK --set-mark 3
iptables -I PREROUTING 4 -t mangle -s $MACHINE_TO_PROXIFY ! -d nvram get wan_ipaddr -p tcp -m multiport --dports 80,443 -j CONNMARK --save-mark

ip rule add fwmark 3 table 13
ip route add default via $PROXIFYING_MACHINE table 13

via https://gist.github.com/CROSP/ebbbc7171c336c4ea01b3a24a36daf10
and https://crosp.net/blog/administration/routing-network-traffic-through-socks5-proxy-using-dd-wrt/