Prevent transparent mode from connecting to itself in the basic cases, references #4128 (#4135)

CHANGELOG

@@ -6,6 +6,7 @@ Unreleased: mitmproxy next
     * Use `@charset` to decode CSS files if available (@prinzhorn)
     * Fix links to anticache docs in mitmweb and use HTTPS for links to documentation (@rugk)
     * Updated typing for WebsocketMessage.content (@prinzhorn)
+    * Prevent transparent mode from connecting to itself in the basic cases (@prinzhorn)
 
     * --- TODO: add new PRs above this line ---
 

mitmproxy/proxy/modes/transparent_proxy.py

@@ -10,7 +10,7 @@ class TransparentProxy(protocol.Layer, protocol.ServerConnectionMixin):
 
     def __call__(self):
         try:
-            self.server_conn.address = platform.original_addr(self.client_conn.connection)
+            self.set_server(platform.original_addr(self.client_conn.connection))
         except Exception as e:
             raise exceptions.ProtocolException("Transparent mode failure: %s" % repr(e))
 

mitmproxy/proxy/protocol/base.py

@@ -107,9 +107,14 @@ class ServerConnectionMixin:
         """
         address = self.server_conn.address
         if address:
+            forbidden_hosts = ["localhost", "127.0.0.1", "::1"]
+
+            if self.config.options.listen_host:
+                forbidden_hosts.append(self.config.options.listen_host)
+
             self_connect = (
                 address[1] == self.config.options.listen_port and
-                address[0] in ("localhost", "127.0.0.1", "::1")
+                address[0] in forbidden_hosts
             )
             if self_connect:
                 raise exceptions.ProtocolException(