droe / sslsplit

Transparent SSL/TLS interception
https://www.roe.ch/SSLsplit
BSD 2-Clause "Simplified" License

Connection not found in NAT state table, aborting connection #307

Open Jmmx1237 opened 2 years ago

Jmmx1237 commented 2 years ago

I got the error: Connection not found in NAT state table, aborting connection

with the sslsplit command: sslsplit -k sslsplit.key -c sslsplit.crt -P -D -I em2 -T 192.168.0.203 -l connections.log https 0.0.0.0 3129

How can I fix this?

Jmmx1237 commented 2 years ago

Ah, and the error only occurs when the proxy setting in Firefox is enabled; open webpages work fine. This is a bit paradoxical?

sonertari commented 2 years ago

Please read the paragraph in the sslsplit(1) man page starting with "SSLsplit does not automagically redirect any network traffic.", where it explains how to redirect the traffic to sslsplit. Firefox proxy settings are not supported.
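
The failure sonertari points to can be checked from the firewall side: sslsplit looks each incoming connection up in the pf NAT state table to recover its original destination, so a connection that reached the listening port without passing a pf rdr rule has no entry and is aborted. The script below is an added diagnostic, not code from sslsplit or from this thread; it assumes rule and state text taken from `pfctl -sn` and `pfctl -ss` on the OPNsense box (pf's text format) and uses constructed sample lines with the listening port from the command above.

```shell
#!/bin/sh
# Added diagnostic for "Connection not found in NAT state table" (not part of sslsplit).
# Assumption: the text comes from `pfctl -sn` (NAT rules) and `pfctl -ss` (states).
# In `pfctl -ss` output a redirected state shows the original destination in
# parentheses, e.g. "127.0.0.1:3129 (93.184.216.34:443) <- 192.168.0.10:52000";
# a client that talks to the port directly (explicit browser proxy setting,
# or squid re-originating the connection) has no such parenthesised part.

LISTEN_PORT=3129   # port given to sslsplit: "https 0.0.0.0 3129"

# Constructed sample of `pfctl -sn`: one rdr rule sending TCP/443 to sslsplit.
SAMPLE_RULES='rdr pass on em1 inet proto tcp from 192.168.0.0/24 to any port = 443 -> 127.0.0.1 port 3129'

# Constructed sample of `pfctl -ss`: one redirected state, one direct connection
# to the sslsplit port (will be aborted), one connection to squid on 3128.
SAMPLE_STATES='em1 tcp 127.0.0.1:3129 (93.184.216.34:443) <- 192.168.0.10:52000       ESTABLISHED:ESTABLISHED
em1 tcp 192.168.0.1:3129 <- 192.168.0.10:52001       ESTABLISHED:ESTABLISHED
em1 tcp 192.168.0.1:3128 <- 192.168.0.10:52002       ESTABLISHED:ESTABLISHED'

# has_rdr_rule RULES_TEXT PORT -> exit 0 if some rdr rule hands TCP to PORT.
has_rdr_rule() {
    printf '%s\n' "$1" | grep -E "^rdr .*proto tcp .*-> [0-9.]+ port $2\$" >/dev/null
}

# count_unredirected STATES_TEXT PORT -> number of states on PORT that carry no
# translated original destination, i.e. connections sslsplit cannot look up.
count_unredirected() {
    printf '%s\n' "$1" | awk -v p=":$2 " '
        index($0, p) && $0 !~ /\(/ { n++ }
        END { print n + 0 }'
}

# Stand-alone run over the constructed samples.
report() {
    if has_rdr_rule "$SAMPLE_RULES" "$LISTEN_PORT"; then
        echo "rdr rule to port $LISTEN_PORT present"
    else
        echo "no rdr rule to port $LISTEN_PORT: nothing reaches sslsplit via NAT"
    fi
    n=$(count_unredirected "$SAMPLE_STATES" "$LISTEN_PORT")
    echo "$n state(s) hit port $LISTEN_PORT without a NAT entry (these get aborted)"
}
report
```

On a real box replace the two samples with `"$(pfctl -sn)"` and `"$(pfctl -ss)"`; a non-zero count with a rule present points at clients bypassing the redirect.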

Jmmx1237 commented 2 years ago

Hey, a transparent proxy is configured, following the how-to from the OPNsense documentation.

Jmmx1237 commented 2 years ago

Ok, if I disable the squid proxy then sslsplit works.

Jmmx1237 commented 2 years ago

Is it possible that some credentials are hashed by some websites? For testing, I log in to some websites and the usr/pw are not output in clear text in the SSL capture?

Unfortunately, the mirror of the data stream does not work, with interface em2 (OPT) on the sense and, as the IP, the address to which the recording should be sent; somehow I do not understand something.

trifle commented 2 years ago

@Jmmx1237 pardon my interruption. I've subscribed to issues from sslsplit and thus get mails for every message here. That unfortunately means that all your questions here steal a lot of attention from people - mostly the maintainers - who are very busy.

It would be wonderful (and probably more productive) if you took some time to research your issues (such as - how does authentication work in web pages) and/or asked in a more interactive setting.

I know that it's not my position to set any rules here - I'm merely asking to be respectful of others' time. Thanks and good luck!

sonertari commented 2 years ago

@Jmmx1237, please do your homework before posting anything. This is a general advice given to all newbies. You are welcome to send private e-mails to me.

@trifle, I think that your intentions are good, but please ignore any e-mails you are not interested in. One of the most useful features of e-mails is that they are not intrusive, that is you can very easily and quickly ignore them. For example, I receive many spam e-mails and SMS messages which I simply ignore.

I am sensitive about shutting people up because they post messages or send e-mails which receivers can easily ignore. Please do not ignore the effect of your reactions on the posters.

About 20 years ago, I was kicked out of a PhD program at Rutgers, because within 6 months I had sent a total of 4x very short and informative e-mails to the Department mailing list about George W. Bush and his ugly politics. One of the e-mails was a 'retweet' of the news on research funding for the OpenBSD project having been cut because Theo had openly criticized the invasion of Iraq by the US Forces. The President of Rutgers had publicly announced that he supported such open discussions, but it was about a year after 9/11 and the US had turned into a very strange place for free speech, so I found myself out the door.

The funny thing is that about 7 years later, Theo shut me up on their mailing lists, because within 3 years I had sent 3x release announcements of my firewall project running on OpenBSD (note that this happened even though my release announcements on their advocacy mailing list were already approved by the moderator of that list; all messages to their advocacy mailing list are approved by a real person).

I don't regret either of the two, because I guess I'd do the same again, both :).

Please do not reply to this issue, instead send private e-mails to me if you wish, which I may or may not ignore :).