fully transparent proxy

sonertari / SSLproxy

Transparent SSL/TLS proxy for decrypting and diverting network traffic to other programs, such as UTM services, for deep SSL inspection

BSD 2-Clause "Simplified" License

377 stars 98 forks source link

fully transparent proxy #64

Closed Byeonghong-Son closed 2 months ago

Byeonghong-Son commented 2 months ago

Hello

I want to mirror only decoded (HTTP) packets that act as a fully transparent proxy for sslproxy.

client --- router(gateway) --- sslproxy box --- server

Therefore, sslproxy requires a fully transparent proxy configuration that does not act as a separate private or public ip and gateway.

Please give me an example of how to set it up if the related configuration is possible and thank you.

sonertari commented 2 months ago

What I understand from your description is that you are looking for a proxy that decrypts HTTPS traffic and pass it to a plain HTTP server. In other words, an HTTPS to HTTP reverse proxy as described here: https://www.jscape.com/blog/https-to-http-reverse-proxy. If so, SSLproxy is not designed for that purpose.

Byeonghong-Son commented 2 months ago

Hello

My explanation was insufficient.

To explain it again

client(HTTS)-----router(gateway)-----sslproxy box(inline mode)---(HTTS)Server		Mirror Port(HTTP Plain Packet)

                                                        Packet Caputer Box

I tried to configure an online mode that works completely transparent without setting up public or private ip using nft, iptables, tproxy, etc., but failed.

A fully transparent inline configuration is required with SSL proxy.

Please give me an example of how to set it up if the related configuration is possible and thank you.