Hey guys,
I'm having a problem when I try to intercept connections filtering by host:
| Command | Intercepts? |
| --- | --- |
| google.com | NO |
| ~h "Host: google.com" | YES |
| ~h "Host: .*\.google\.com" | YES |
| ~d google.com | NO |
| ~d "google.com" | NO |
In the NO cases, nothing happens. No request/response is intercepted. When I try filtering the header host I succeed.
I checked the code and I see that the ~d pattern tries to find the regex within the host, but it's not working for some reason:
```python
class FDomain(_Rex):
    code = "d"
    help = "Domain"

    def __call__(self, f):
        return bool(re.search(self.expr, f.request.host, re.IGNORECASE))
```
Can you guys help me? Am I doing something wrong? It's really annoying to have to filter by host every time.
Thanks in advance
@fjcaetano, here ~d google.com is working as intended with mitmproxy 0.9.2
Hi Flávio,
To have a closer look at your problem, we need more details on your setup.
Are you running in regular, reverse or transparent mode?
Which OS are you on?
Which mitmproxy version are you using?
Thanks!
Max
Hey guys,
I'm trying to run mitmproxy 0.9.2 in transparent mode on OSX Mavericks.
If there's any logs you may need, please ask.
BTW, I forgot to mention that if I disable showhosts and attempt to filter by the IP it works...
Hi there,
The issue here is that, due to the way transparent mode works, we don't have the destination host name. A connection comes in to mitmproxy, we use the native forwarding mechanism to resolve it to a remote IP, and then we forward the request. This is entirely unlike explicit proxy mode, where the client provides us with the expected remote hostname. When you turn on showhosts, we try to show you a good hostname indicator: most commonly the Host header in the HTTP request. This works mostly, but it might be equally valid to use various other heuristics, like the resolved domain.
What this means in practice is that the host match in transparent mode matches only against the IP address. If you want to match against the request host header (probably what you want), you have to do this explicitly. Have a look at the ~hq operator in the filter language.
Cheers,
Aldo
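Added example, not part of the thread and not mitmproxy code: a standalone Python model of the behaviour described in the reply above, showing why a `~d` pattern that works in explicit proxy mode silently matches nothing in transparent mode while a request-header match still fires. The `Request` class, the `203.0.113.10` address and the header-matching helper are assumptions made for illustration; only the `~d` regex search is taken from the `FDomain` snippet quoted in the thread.

```python
import re
from dataclasses import dataclass, field


@dataclass
class Request:
    """Constructed stand-in for a proxied request (hypothetical, not mitmproxy's class)."""
    host: str                                   # destination as the proxy knows it
    headers: dict = field(default_factory=dict)


def match_domain(expr, req):
    """~d as quoted in the thread: regex search over request.host."""
    return bool(re.search(expr, req.host, re.IGNORECASE))


def match_request_header(expr, req):
    """Assumed model of ~hq: regex search over each 'Name: value' request header."""
    return any(re.search(expr, f"{name}: {value}", re.IGNORECASE)
               for name, value in req.headers.items())


# Constructed sample: the same HTTP request as seen in the two proxy modes.
# Explicit mode: the client names the destination host to the proxy.
# Transparent mode: the proxy only recovers the redirected destination IP.
SAMPLES = {
    "explicit": Request("www.google.com", {"Host": "www.google.com"}),
    "transparent": Request("203.0.113.10", {"Host": "www.google.com"}),
}

PATTERNS = {
    "d_name": (match_domain, r"google.com"),
    "d_ip": (match_domain, r"203\.0\.113\.10"),
    "hq_host": (match_request_header, r"Host: .*\.google\.com"),
}


def results():
    """Return {mode: {pattern_label: matched?}} for every sample and pattern."""
    return {mode: {label: fn(expr, req) for label, (fn, expr) in PATTERNS.items()}
            for mode, req in SAMPLES.items()}


if __name__ == "__main__":
    for mode, row in results().items():
        print(mode, row)
```

When an intercept rule is meant to catch traffic to a named site, a check like this makes the failure mode visible: in transparent mode the domain pattern never raises an error, it just never matches.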