You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Run mitmproxy on a publicly routable host, with default configuration including listen_host="", listen_port=8080, and allow_remote=false.
From a host on a different network, send a request through that instance of mitmproxy, e.g. with curl --proxy http://your-host.example:8080
The default allow_remote=false should prevent this request from succeeding. However, it is served by mitmproxy just fine.
Any other comments? What have you tried so far?
I have a laptop sitting in the “DMZ” of a home router, which is globally IPv4 routable. I also have a VPS which is globally IPv4 routable. Both the laptop and the VPS are running Ubuntu 16.04 “Xenial Xerus”. I can reproduce the problem with mitmproxy running on the VPS and curl on the laptop, as well as vice-versa.
Both tcpdump and mitmproxy’s own Details pane show the request as originating from a remote network.
I only noticed this because I saw strange flows in a mitmproxy instance that I spun up on the laptop.
Steps to reproduce the problem:
listen_host=""
,listen_port=8080
, andallow_remote=false
.curl --proxy http://your-host.example:8080
The default
allow_remote=false
should prevent this request from succeeding. However, it is served by mitmproxy just fine.Any other comments? What have you tried so far?
I have a laptop sitting in the “DMZ” of a home router, which is globally IPv4 routable. I also have a VPS which is globally IPv4 routable. Both the laptop and the VPS are running Ubuntu 16.04 “Xenial Xerus”. I can reproduce the problem with mitmproxy running on the VPS and curl on the laptop, as well as vice-versa.
Both tcpdump and mitmproxy’s own Details pane show the request as originating from a remote network.
I only noticed this because I saw strange flows in a mitmproxy instance that I spun up on the laptop.
System information
Mitmproxy: 3.0.3 binary
Python: 3.5.2
OpenSSL: OpenSSL 1.1.0g 2 Nov 2017
Platform: Linux-4.4.0-116-generic-x86_64-with-debian-stretch-sid
The text was updated successfully, but these errors were encountered: