diff options
Diffstat (limited to 'mitmproxy/libmproxy/platform/osx.py')
-rw-r--r-- | mitmproxy/libmproxy/platform/osx.py | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/mitmproxy/libmproxy/platform/osx.py b/mitmproxy/libmproxy/platform/osx.py new file mode 100644 index 00000000..afbc919b --- /dev/null +++ b/mitmproxy/libmproxy/platform/osx.py @@ -0,0 +1,36 @@ +import subprocess +import pf + +""" + Doing this the "right" way by using DIOCNATLOOK on the pf device turns out + to be a pain. Apple has made a number of modifications to the data + structures returned, and compiling userspace tools to test and work with + this turns out to be a pain in the ass. Parsing pfctl output is short, + simple, and works. + + Note: Also Tested with FreeBSD 10 pkgng Python 2.7.x. + Should work almost exactly as on Mac OS X and except with some changes to + the output processing of pfctl (see pf.py). +""" + + +class Resolver(object): + STATECMD = ("sudo", "-n", "/sbin/pfctl", "-s", "state") + + def original_addr(self, csock): + peer = csock.getpeername() + try: + stxt = subprocess.check_output(self.STATECMD, stderr=subprocess.STDOUT) + except subprocess.CalledProcessError as e: + if "sudo: a password is required" in e.output: + insufficient_priv = True + else: + raise RuntimeError("Error getting pfctl state: " + repr(e)) + else: + insufficient_priv = "sudo: a password is required" in stxt + + if insufficient_priv: + raise RuntimeError( + "Insufficient privileges to access pfctl. " + "See http://mitmproxy.org/doc/transparent/osx.html for details.") + return pf.lookup(peer[0], peer[1], stxt) |