Mitmproxy Transparent mode not working

rafareyes7 · December 26, 2018, 8:17pm

Hi guys,

I’m trying to set up a mitmproxy in transparent mode following the instructions from the official-doc howto-transparent but is not working.

I want to set mitmproxy in transparent mode to avoid any client configuration and forward all HTTP traffic to my proxy server.

My interfaces:

enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.2.15  netmask 255.255.255.0  broadcast 10.0.2.255
        inet6 fe80::6774:861b:f4e:c9e3  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:fa:5c:69  txqueuelen 1000  (Ethernet)
        RX packets 12666  bytes 10589141 (10.5 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 5967  bytes 404489 (404.4 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 153  bytes 13996 (13.9 KB)
        RX errors 0  dropped 0  overruns 0  frame 0

After setting the rules:

sudo iptables -t nat -A PREROUTING -i enp0s3 -p tcp --dport 80 -j REDIRECT --to-port 8080
sudo iptables -t nat -A PREROUTING -i enp0s3 -p tcp --dport 443 -j REDIRECT --to-port 8080

My nat table from iptables:

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80 redir ports 8080
REDIRECT   tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443 redir ports 8080

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Problem: When I run mitmproxy --mode transparent --showhost and execute a curl or load a page in the browser, the HTTP traffic is not captured by mitmproxy.

Any help?

slabz · August 1, 2019, 5:37am

I had the same problem and I think it’s because the commands from the doco are for running mitmproxy on a separate host from the client. I’m assuming you execute a curl on the same host that is running mitmproxy.

I think you need to use:

sudo iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner root --dport 80 -j REDIRECT --to-port 8080
sudo iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner root --dport 443 -j REDIRECT --to-port 8080

…and then run mitmproxy as root. The reason for running as root is so the traffic coming from mitmproxy is not redirected back to itself. You could also create a separate user for running mitmproxy and exclude that user so you don’t have to run as root.

As a note, my commands don’t specify a network interface. You can try adding that if you need that restriction but I’m still too much of an iptables n00b to know how that’ll affect things.

I got into a bit more detail and link some sources in my answer here: https://serverfault.com/a/977515/265053

Topic		Replies	Views
Issues with transparent mode help	2	3520	August 9, 2016
Linux fully transparent mode help	0	1041	March 7, 2018
Mitmproxy in transparent mode with SNAT help	0	805	May 29, 2017
Transparent mode misconfiguration	1	2556	October 29, 2018
Couldn't use mitmproxy for download file help	0	967	June 2, 2018

Mitmproxy Transparent mode not working

Related Topics