I would like to be able to distinguish users based on their port. The most simple path I can imagine would be if we could configure mimtdump to listen on more than one port. Is that possible? Then we could look at that header info in a
script to figure out who was connecting. I would think we could also do this via a firewall rule, but I wanted to see if the easest path was available first.
I found this which is hopeful. https://groups.google.com/forum/#!topic/mitmproxy/Haf_78obt68
The question I still have to answer though, is will I be able to get the original port? Like if I did only iptables forwards, mitm would hae no clue where the request came from re pre forwarded port.
And I am still confused because here, https://github.com/mitmproxy/mitmproxy/issues/754 you say NOT to use NAT rules, but that is exactly what is in the example. The requests are getting through, but I have the same error as in that post re, HttpException(‘Invalid HTTP request form (expected: relative, got: absolute)’,)
“Make sure you have not explicitly configured an HTTP proxy on the client. This is not needed in transparent mode.” But this is exactly what I want to do, aka, configure port 9000 for Bob, 9001 for Jim, 9001 for Olaf etc…
I am still not sure if I can use this to determine the orignal port, because I am not expecting that to be port 80.
I misunderstood what transparent mode is for. What I really needed was a forward proxy in front of mitm. Once I had that, I just needed to customize the Via header and read that in my Python script on mitm. So now I can know what user was hitting the mitm based on what port they use. It would be a LOT better if mitm could configure more than one listening port since now my server is heavier with Apache in front of mitm. I looked into other options re Squid(for he frontend proxy) and Burb as a total replacement. Burb can do multiple ports and supports sockets(from what I read), but there are some things about it I am not so sure of, like automatically passing through failed SSL connections.