Hi, I am trying to use sslsplit as a transparent proxy to intercept localhost traffic. I tried to send outgoing traffic (en0) to lo0 and subsequently redirect to sslsplit, but it didn't work. Anyone has any advice?
pf.conf:
scrub-anchor "com.apple/"
nat-anchor "com.apple/"
rdr-anchor "com.apple/"
rdr pass log on lo0 proto tcp from en0 to any port 443 -> 127.0.0.1 port 8080
dummynet-anchor "com.apple/"
anchor "com.apple/*"
load anchor "com.apple" from "/etc/pf.anchors/com.apple"
pass out on en0 route-to lo0 proto tcp from en0 to any port 443 keep state
pass out log quick on en0 proto tcp to port www divert-to lo port 8080
But,
I guess your OS and the version of pf are different. (FreeBSD? macOS?)
I don't remember the details, but I think I had tried a rule like that long ago, and it did not work, because, if I recall correctly, it was too late to divert outgoing packets like that. In short, I may be wrong.
Hi, I am trying to use sslsplit as a transparent proxy to intercept localhost traffic. I tried to send outgoing traffic (en0) to lo0 and subsequently redirect to sslsplit, but it didn't work. Anyone has any advice?
pf.conf:
scrub-anchor "com.apple/" nat-anchor "com.apple/" rdr-anchor "com.apple/" rdr pass log on lo0 proto tcp from en0 to any port 443 -> 127.0.0.1 port 8080 dummynet-anchor "com.apple/" anchor "com.apple/*" load anchor "com.apple" from "/etc/pf.anchors/com.apple" pass out on en0 route-to lo0 proto tcp from en0 to any port 443 keep state
sslsplit:
sudo sslsplit -D -k ca.key -c ca.crt https 127.0.0.1 8080