diff options
| author | Aldo Cortesi <aldo@nullcube.com> | 2013-12-08 21:38:53 +1300 |
|---|---|---|
| committer | Aldo Cortesi <aldo@nullcube.com> | 2013-12-08 21:38:53 +1300 |
| commit | 925eaa934323a7d9210b7b7683201c875e1729b6 (patch) | |
| tree | 32f03eb4b7a736373ea9217a09d91728be222743 | |
| parent | 1e733f314903feef9607722f23529b5ea6fd03dc (diff) | |
| download | mitmproxy-925eaa934323a7d9210b7b7683201c875e1729b6.tar.gz mitmproxy-925eaa934323a7d9210b7b7683201c875e1729b6.tar.bz2 mitmproxy-925eaa934323a7d9210b7b7683201c875e1729b6.zip | |
Add a note to the docs about pf redirection of traffic from the host itself.
| -rw-r--r-- | doc-src/transparent/osx.html | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/doc-src/transparent/osx.html b/doc-src/transparent/osx.html index 77eea63b..205e4c76 100644 --- a/doc-src/transparent/osx.html +++ b/doc-src/transparent/osx.html @@ -67,3 +67,15 @@ rdr on en2 inet proto tcp to any port 443 -> 127.0.0.1 port 8080 </ol> + +Note that the **rdr** rules in the pf.conf given above only apply to inbound +traffic. This means that they will NOT redirect traffic coming from the box +running pf itself. We can't distinguish between an outbound connection from a +non-mitmproxy app, and an outbound connection from mitmproxy itself - if you +want to intercept your OSX traffic, you should use an external host to run +mitmproxy. None the less, pf is flexible to cater for a range of creative +possibilities, like intercepting traffic emanating from VMs. See the +**pf.conf** man page for more. + + + |