mitmproxy/doc-src/transparent.html

15 lines
1.1 KiB
HTML
Raw Normal View History

2013-04-04 22:55:28 +00:00
When a transparent proxy is used, traffic is redirected into a proxy at the network layer, without
any client configuration being required. This makes transparent proxying ideal for those situations
where you can't change client behaviour - proxy-oblivious Android applications being a common
example.
2013-04-04 22:55:28 +00:00
To set up transparent proxying, we need two new components. The first is a
redirection mechanism that transparently reroutes a TCP connection destined for
a server on the Internet to a listening proxy server. This usually takes the
form of a firewall on the same host as the proxy server -
[iptables](http://www.netfilter.org/) on Linux or
[pf](http://en.wikipedia.org/wiki/PF_\(firewall\)) on OSX. When the proxy receives a redirected connection, it sees a vanilla HTTP request, without a host specification. This is where the second new component comes in - a host module that allows us to query the redirector for the original destination of the TCP connection.
At the moment, mitmproxy supports transparent proxying on OSX Lion and above, and all current flavors of Linux.kkkkk