Make mitm work as a transparent proxy #2
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Merge in changes from bmizerany
This is necessary to get things working properly as a transparent proxy.
Parameterize proxy director
Cache TLS certificates
|
@shosti do you (still) use the rainforestapp/mitm fork? Thinking of trying this out in service of setting up a staging environment that can transparently mock (or at least sniff requests to) external HTTPS services. If it works, it seems like it would be easier to deploy than mitmproxy, but I'd want at least some kind of verbal encouragement from the fork maintainer that it's serviceable for internal use (with no warrantee implied or blah blah blah). |
Author
|
To be perfectly honest, we do use this internally but it’s heavily customized for our use case. I would recommend using mitmproxy for most projects since it’s better maintained. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This incorporates a bunch of work that @bmizerany did to make mitm work as a transparent proxy, plus some small changes we've done at Rainforest. It would be great to get it merged upstream if it makes sense. One thing I'm not entirely clear about (perhaps @bmizerany can clarify) is whether this will still work as an explicit proxy or additional work is necessary for that. @kr let me know what would need to be fixed to get this merged upstream.