search

sonertari / SSLproxy

Transparent SSL/TLS proxy for decrypting and diverting network traffic to other programs, such as UTM services, for deep SSL inspection
BSD 2-Clause "Simplified" License
385 stars 100 forks source link

Bad ports in mirror #47

Closed piolug93 closed 2 years ago

piolug93 commented 2 years ago

When I set the option for packets mirroring to a dummy interface without an IP address and plug tcpdump into that interface, I see the wrong source and destination port. I attach debug log, pcap from that interface and pcap from option -X. Pcap from option -X is produced good. Packets mirroring working good in sslsplit.

option_X.pcap \ tcpdump_from_interface.pcap

SSLproxy  (built 2022-06-27)
------------------------------------------------------------------------------
WARNING: Something is wrong with the version compiled into sslproxy!
The version should contain a release number and/or a git commit reference.
If using a package, please report a bug to the distro package maintainer.
------------------------------------------------------------------------------
Copyright (c) 2017-2022, Soner Tari <sonertari@gmail.com>
https://github.com/sonertari/SSLproxy
Copyright (c) 2009-2019, Daniel Roethlisberger <daniel@roe.ch>
https://www.roe.ch/SSLsplit
Build info: V:DIR N:56b3680
Features: -DDEBUG_PROXY -DHAVE_NETFILTER -DWITHOUT_USERAUTH
NAT engines: netfilter* tproxy
netfilter: IP_TRANSPARENT IP6T_SO_ORIGINAL_DST
Local process info support: no
compiled against OpenSSL 1.1.1n  15 Mar 2022 (101010ef)
rtlinked against OpenSSL 1.1.1n  15 Mar 2022 (101010ef)
OpenSSL has support for TLS extensions
TLS Server Name Indication (SNI) supported
OpenSSL is thread-safe with THREADID
OpenSSL has engine support
Using SSL_MODE_RELEASE_BUFFERS
SSL/TLS protocol availability: tls10 tls11 tls12 tls13
SSL/TLS algorithm availability: !SHA0 RSA DSA ECDSA DH ECDH EC
OpenSSL option availability: SSL_OP_NO_COMPRESSION SSL_OP_NO_TICKET SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION SSL_OP_TLS_ROLLBACK_BUG
compiled against libevent 2.1.12-stable
rtlinked against libevent 2.1.12-stable
compiled against libnet 1.1.6
rtlinked against libnet 1.1.6
compiled against libpcap n/a
rtlinked against libpcap 1.10.0 (with TPACKET_V3)
2 CPU cores detected
Generated 2048 bit RSA key for leaf certs.
Global conn opts: negotiate>=tls10<=tls13|ALL:!RC4|TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256|no ecdhcurve|no leafcrlurl|verify_peer|allow_wrong_host|validate_proto|8192
proxyspecs:
- listen=[0.0.0.0]:3130 ssl|http netfilter
opts= conn opts: negotiate>=tls10<=tls13|ALL:!RC4|TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256|no ecdhcurve|no leafcrlurl|verify_peer|allow_wrong_host|validate_proto|8192
split
macro $repositories = *.debian.org, packages.gitlab.com, ftp.de.debian.org, d20rj4el6vkp4c.cloudfront.net
filter rule 0: dstip=, dstport=, srcip=, exact=||, all=conns|sites|, action=|||block|, log=connect|master|cert|content|pcap|mirror, precedence=1, line=323
filter rule 0: sni=, dstport=, srcip=, exact=||, all=conns|sites|, action=|||block|, log=connect|master|cert|content|pcap|mirror, precedence=1, line=323
filter rule 0: cn=, dstport=, srcip=, exact=||, all=conns|sites|, action=|||block|, log=connect|master|cert|content|pcap|mirror, precedence=1, line=323
filter rule 0: host=, dstport=, srcip=, exact=||, all=conns|sites|, action=|||block|, log=connect|master|cert|content|pcap|mirror, precedence=1, line=323
filter rule 0: uri=, dstport=, srcip=, exact=||, all=conns|sites|, action=|||block|, log=connect|master|cert|content|pcap|mirror, precedence=1, line=323
filter rule 1: dstip=, dstport=, srcip=10.10.10., exact=||, all=|sites|, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=3, line=324
filter rule 2: dstip=, dstport=, srcip=10.1.40., exact=||, all=|sites|, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=3, line=325
filter rule 3: dstip=, dstport=, srcip=10.1.20.4, exact=||ip, all=|sites|, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=3, line=326
filter rule 4: dstip=, dstport=, srcip=10.1.10.103, exact=||ip, all=|sites|, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=3, line=327
filter rule 5: host=*.debian.org, dstport=, srcip=, exact=site||, all=conns||, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=2, line=328
filter rule 6: host=packages.gitlab.com, dstport=, srcip=, exact=site||, all=conns||, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=2, line=328
filter rule 7: host=ftp.de.debian.org, dstport=, srcip=, exact=site||, all=conns||, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=2, line=328
filter rule 8: host=d20rj4el6vkp4c.cloudfront.net, dstport=, srcip=, exact=site||, all=conns||, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=2, line=328
filter=>
ip_filter_exact->
  ip 0 10.1.10.103 (exact)=
    ip all:
      0:  (all_sites, substring, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=3, line=327)
  ip 1 10.1.20.4 (exact)=
    ip all:
      0:  (all_sites, substring, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=3, line=326)
ip_filter_substring->
  ip 0 10.10.10. (substring)=
    ip all:
      0:  (all_sites, substring, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=3, line=324)
  ip 1 10.1.40. (substring)=
    ip all:
      0:  (all_sites, substring, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=3, line=325)
filter_all->
    ip all:
      0:  (all_sites, substring, action=|||block|, log=connect|master|cert|content|pcap|mirror, precedence=1, line=323)
    sni all:
      0:  (all_sites, substring, action=|||block|, log=connect|master|cert|content|pcap|mirror, precedence=1, line=323)
    cn all:
      0:  (all_sites, substring, action=|||block|, log=connect|master|cert|content|pcap|mirror, precedence=1, line=323)
    host exact:
      0: *.debian.org (exact, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=2, line=328)
      1: d20rj4el6vkp4c.cloudfront.net (exact, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=2, line=328)
      2: ftp.de.debian.org (exact, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=2, line=328)
      3: packages.gitlab.com (exact, action=|split|||, log=connect|master|cert|content|pcap|mirror, precedence=2, line=328)
    host all:
      0:  (all_sites, substring, action=|||block|, log=connect|master|cert|content|pcap|mirror, precedence=1, line=323)
    uri all:
      0:  (all_sites, substring, action=|||block|, log=connect|master|cert|content|pcap|mirror, precedence=1, line=323)

Loaded Global CA: '/C=cenzored/ST=cenzored/L=cenzored/O=cenzored/emailAddress=cenzored/CN=cenzored'
Loaded ProxySpec CA: '/C=cenzored/ST=cenzored/L=cenzored/O=cenzored/emailAddress=cenzored/CN=cenzored'
SSL/TLS leaf certificates taken from:
- Global generated on the fly
Privsep fastpath disabled
Created self-pipe [r=8,w=9]
Created chld-pipe [r=10,w=11]
Created socketpair 0 [p=12,c=13]
Created socketpair 1 [p=14,c=15]
Created socketpair 2 [p=16,c=17]
Created socketpair 3 [p=18,c=19]
Created socketpair 4 [p=20,c=21]
Created socketpair 5 [p=22,c=23]
Privsep parent pid 79160
Privsep child pid 79161
Using libevent backend 'epoll'
Event base supports: edge yes, O(1) yes, anyfd no
[FINEST] proxy_listener_setup: ENTER
Received privsep req type 03 sz 9 on srvsock 12
Received privsep req type 00 sz 1 on srvsock 12
Dropped privs to user proxy group proxy chroot -
Received privsep req type 00 sz 1 on srvsock 14
Received privsep req type 00 sz 1 on srvsock 22
Inserted events:
  0x563f406bed58 [fd  8] Read Persist Internal
  0x563f406bef30 [fd  10] Read Persist Internal
  0x563f406bf698 [fd  11] Read Persist
  0x563f406b95c0 [sig 1] Signal Persist
  0x563f40689f80 [sig 2] Signal Persist
  0x563f406b9990 [sig 3] Signal Persist
  0x563f406b96f0 [sig 10] Signal Persist
  0x563f406b9900 [sig 13] Signal Persist
  0x563f406bcf90 [sig 15] Signal Persist
  0x563f406ba800 [fd  -1] Persist Timeout=1656405810.417983
Active events:
Initialized 4 connection handling threads
Started 4 connection handling threads
Starting main event loop.
[FINEST] proxy_listener_acceptcb: ENTER, fd=31
[FINEST] proxy_conn_ctx_new: ENTER, fd=31
[FINEST] [0.0 fd=31 cfd=0] proxy_conn_ctx_new: Created new conn
[FINEST] [0.0 fd=31 cfd=0] pxy_thrmgr_assign_thr: ENTER
[FINEST] [0.0 fd=31 cfd=0] protossl_init_conn: ENTER
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_init: ENTER
[FINEST] [0.0 fd=31 cfd=0] pxy_thr_attach: Adding conn
[FINER] [0.0 fd=31 cfd=0] check_fd_usage: descriptor_table_size=1024, dtablecount=33, reserve=10
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_init: srcaddr= [10.10.10.14]:53700
[FINEST] [0.0 fd=31 cfd=0] protossl_fd_readcb: ENTER
SNI peek: [o2.pl] [complete], fd=31
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_connect: ENTER
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter: Searching ip exact: 10.10.10.14
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter: Searching ip substring: 10.10.10.14
[FINE] [0.0 fd=31 cfd=0] pxy_conn_filter_match_ip: Found site (line=324):  for 10.10.10.14:53700, 212.77.98.29:443
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter_match_ip: Match all dst (line=324): , 212.77.98.29
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter_port: No filter match with port: 10.10.10.14:53700, 212.77.98.29:443
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter split action for 212.77.98.29, precedence 3 (line=324)
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter enable connect log for 212.77.98.29, precedence 3 (line=324)
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter enable master log for 212.77.98.29, precedence 3 (line=324)
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter enable cert log for 212.77.98.29, precedence 3 (line=324)
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter enable content log for 212.77.98.29, precedence 3 (line=324)
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter enable pcap log for 212.77.98.29, precedence 3 (line=324)
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter enable mirror log for 212.77.98.29, precedence 3 (line=324)
Connecting to [212.77.98.29]:443
[FINEST] [0.0 fd=31 cfd=0] protossl_conn_connect: ENTER
[FINEST] [0.0 fd=31 cfd=0] protossl_bufferevent_setup: ENTER, fd=-1
[FINEST] [0.0 fd=31 cfd=0] protossl_bufferevent_setup: bufferevent_openssl_set_allow_dirty_shutdown, fd=-1
[FINEST] [0.0 fd=31 cfd=0] protossl_bev_eventcb_connected_srvdst: ENTER
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter: Searching ip exact: 10.10.10.14
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter: Searching ip substring: 10.10.10.14
[FINE] [0.0 fd=31 cfd=0] pxy_conn_filter_match_ip: Found site (line=324):  for 10.10.10.14:53700, 212.77.98.29:443
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter_match_ip: Match all dst (line=324): , 212.77.98.29
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter_port: No filter match with port: 10.10.10.14:53700, 212.77.98.29:443
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter split action for 212.77.98.29, precedence 3 (line=324)
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter enable connect log for 212.77.98.29, precedence 3 (line=324)
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter enable master log for 212.77.98.29, precedence 3 (line=324)
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter enable cert log for 212.77.98.29, precedence 3 (line=324)
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter enable content log for 212.77.98.29, precedence 3 (line=324)
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter enable pcap log for 212.77.98.29, precedence 3 (line=324)
[FINE] [0.0 fd=31 cfd=0] pxy_conn_set_filter_action: Filter enable mirror log for 212.77.98.29, precedence 3 (line=324)
===> Original server certificate:
Subject DN: /CN=*.o2.pl
Common Names: *.o2.pl/*.o2.pl/o2.pl
Fingerprint: 31:A6:82:23:07:BE:BC:C6:79:AC80:FC:FD:BE:B6:1A:50:EB:56:2A
Certificate cache: MISS
===> Forged server certificate:
Subject DN: /CN=*.o2.pl
Common Names: *.o2.pl/*.o2.pl/o2.pl
Fingerprint: 54:A2:15:40:D3:CE:FD:C5:FA:B0D2:05:FE:EA:C2:A7:67:11:2A:60
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter: Searching ip exact: 10.10.10.14
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter: Searching ip substring: 10.10.10.14
[FINEST] [0.0 fd=31 cfd=0] protossl_filter: No filter match with sni: 10.10.10.14:53700, 212.77.98.29:443, o2.pl, *.o2.pl/*.o2.pl/o2.pl
[FINEST] [0.0 fd=31 cfd=0] protossl_filter: No filter match with common names: 10.10.10.14:53700, 212.77.98.29:443, o2.pl, *.o2.pl/*.o2.pl/o2.pl
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter: Searching all
[FINE] [0.0 fd=31 cfd=0] protossl_filter_match_sni: Found site (line=323):  for 10.10.10.14:53700, 212.77.98.29:443, o2.pl
[FINEST] [0.0 fd=31 cfd=0] protossl_filter_match_sni: Rule precedence lower than conn filter precedence 1 < 3 (line=323): , o2.pl
[FINEST] [0.0 fd=31 cfd=0] protossl_filter: No filter match with sni: 10.10.10.14:53700, 212.77.98.29:443, o2.pl, *.o2.pl/*.o2.pl/o2.pl
[FINEST] [0.0 fd=31 cfd=0] protossl_filter: No filter match with common names: 10.10.10.14:53700, 212.77.98.29:443, o2.pl, *.o2.pl/*.o2.pl/o2.pl
[FINEST] [0.0 fd=31 cfd=0] prototcp_disable_srvdst: ENTER
[FINEST] [0.0 fd=31 cfd=0] protossl_bev_eventcb_connected_dst: ENTER
[FINEST] [0.0 fd=31 cfd=0] protossl_bufferevent_setup: ENTER, fd=31
[FINEST] [0.0 fd=31 cfd=0] protossl_bufferevent_setup: bufferevent_openssl_set_allow_dirty_shutdown, fd=31
[FINER] [0.0 fd=31 cfd=0] protossl_enable_src: Enabling src
Certificate cache: KEEP (SNI match or target mode)
Certificate cache: KEEP (SNI match or target mode)
[FINEST] [0.0 fd=31 cfd=0] prototcp_bev_eventcb_connected_src: ENTER
HTTPS connected to [212.77.98.29]:443 TLSv1.3 TLS_AES_256_GCM_SHA384
CLIENT_RANDOM 06A06AA0D6F9D2EBAEB996CA4FC6C86B157421EEB7F7A62104EE2E63F8B2556F 23A1060A01A7ECD8B205DE78B5CAF4432BB03F997E3DF12797BF8DC4CEDC9DA5FB14586331D004FAE51FAE1132AB5C4D
[FINEST] [0.0 fd=31 cfd=0] protohttp_bev_readcb_src: ENTER, size=69
[FINEST] [0.0 fd=31 cfd=0] protohttp_bev_readcb_src: HTTP Request Header, size=69
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_request_header: GET / HTTP/1.1
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_request_header: Host: o2.pl
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_request_header: User-Agent: curl/7.74.0
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_request_header: Accept: */*
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_request_header:
[FINER] [0.0 fd=31 cfd=0] protohttp_filter_request_header: REPLACE= Connection: close

[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter: Searching ip exact: 10.10.10.14
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter: Searching ip substring: 10.10.10.14
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter: No filter match with host: 10.10.10.14:53700, 212.77.98.29:443, o2.pl, /
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter: No filter match with uri: 10.10.10.14:53700, 212.77.98.29:443, o2.pl, /
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_filter: Searching all
[FINE] [0.0 fd=31 cfd=0] protohttp_filter_match_host: Found site (line=323):  for 10.10.10.14:53700, 212.77.98.29:443, o2.pl
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_match_host: Rule precedence lower than conn filter precedence 1 < 3 (line=323): , o2.pl
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter: No filter match with host: 10.10.10.14:53700, 212.77.98.29:443, o2.pl, /
[FINE] [0.0 fd=31 cfd=0] protohttp_filter_match_uri: Found site (line=323):  for 10.10.10.14:53700, 212.77.98.29:443, /
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_match_uri: Rule precedence lower than conn filter precedence 1 < 3 (line=323): , /
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter: No filter match with uri: 10.10.10.14:53700, 212.77.98.29:443, o2.pl, /
[FINEST] [0.0 fd=31 cfd=0] protohttp_validate_method: Passed method validation: GET
[FINEST] [0.0 fd=31 cfd=0] protohttp_validate: Passed validation
[FINEST] [0.0 fd=31 cfd=0] prototcp_bev_writecb_dst: ENTER
[FINEST] [0.0 fd=31 cfd=0] protohttp_bev_readcb_dst: ENTER, size=343
[FINEST] [0.0 fd=31 cfd=0] protohttp_bev_readcb_dst: HTTP Response Header, size=343
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_response_header: HTTP/1.1 301 Moved Permanently
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_response_header: Server: nginx
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_response_header: Date: Tue, 28 Jun 2022 08:42:33 GMT
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_response_header: Content-Type: text/html
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_response_header: Content-Length: 162
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_response_header: Connection: close
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_response_header: Location: https://www.o2.pl/
[FINEST] [0.0 fd=31 cfd=0] protohttp_filter_response_header:
CONN: https 10.10.10.14 53700 212.77.98.29 443 o2.pl GET / 301 162 sni:o2.pl names:*.o2.pl/*.o2.pl/o2.pl sproto:TLSv1.3:TLS_AES_256_GCM_SHA384 dproto:TLSv1.3:TLS_AES_128_GCM_SHA256 origcrt:31A6822307BEBCC679AC80FCFDBEB61A50EB562A usedcrt:54A21540D3CEFDC5FAB0D205FEEAC2A767112A60
[FINEST] [0.0 fd=31 cfd=0] protohttp_bev_writecb_src: ENTER
[FINEST] [0.0 fd=31 cfd=0] prototcp_bev_eventcb_eof_dst: ENTER
evbuffer size at EOF: i:0 o:0 i:0 o:0
[FINEST] [0.0 fd=31 cfd=0] prototcp_bev_eventcb_eof_dst: !src.closed, terminate conn
[FINEST] [0.0 fd=31 cfd=0] pxy_try_close_conn_end: outbuflen == 0, terminate conn
[FINER] [0.0 fd=31 cfd=0] protossl_bufferevent_free_and_close_fd: in=0, out=0, fd=31
SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [accept socket]
[FINER] [0.0 fd=31 cfd=0] protossl_bufferevent_free_and_close_fd: fd=31, SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [accept socket]
[FINER] [0.0 fd=31 cfd=0] protossl_bufferevent_free_and_close_fd: in=0, out=0, fd=32
SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.0 fd=31 cfd=0] protossl_bufferevent_free_and_close_fd: fd=32, SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINEST] [0.0 fd=31 cfd=0] pxy_try_disconnect: other->closed, terminate conn
HTTPS disconnected to [212.77.98.29]:443, fd=31
HTTPS disconnected from [10.10.10.14]:53700, fd=31
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_term: ENTER
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_free: ENTER
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_free_children: ENTER
[FINEST] [0.0 fd=31 cfd=0] pxy_conn_ctx_free: ENTER
[FINEST] [0.0 fd=31 cfd=0] pxy_thr_detach: Removing conn
[FINEST] [0.0 fd=31 cfd=0] pxy_thr_detach: Cannot find conn in thr conns, empty
Received signal 2
Main event loop stopped (reason=2).
[FINEST] main: EXIT closing privsep clisock=13
Received privsep req type 00 sz 1 on srvsock 18
Received privsep req type 00 sz 1 on srvsock 20
Received privsep req type 00 sz 1 on srvsock 16
Child pid 79161 exited with status 0
piolug93 commented 2 years ago

I send pull request with fix.

https://github.com/sonertari/SSLproxy/pull/48