Example mitmproxy container for PLUS members using SPR
from the SPR directory
cd plugins
git clone https://github.com/spr-networks/spr-mitmproxy
echo [\"plugins/spr-mitmproxy/docker-compose.yml\"] > ../configs/base/custom_compose_paths.json
docker compose restart superd #temporary workaround for bug in <= v0.3.1, you can skip this later
cd spr-mitmproxy
docker compose build
- Add mitmproxy as a plugin
- be sure its been added to
configs/base/custom_compose_paths.json
as above - Enable it by toggling the slider
![Screen Shot 2023-11-14 at 8 20 38 PM](https://private-user-images.githubusercontent.com/37549748/283002983-dcc0f1ea-724a-4ed0-856a-56444ea2569f.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTkxMDE4MTIsIm5iZiI6MTcxOTEwMTUxMiwicGF0aCI6Ii8zNzU0OTc0OC8yODMwMDI5ODMtZGNjMGYxZWEtNzI0YS00ZWQwLTg1NmEtNTY0NDRlYTI1NjlmLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA2MjMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNjIzVDAwMTE1MlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTEwOTcxYWNiNDU4YzA0YmI5NGYzODUzMjIyNmFkMjMzNjViYjQ3ODY1YjA0MmVjZmViMjg3MDJlNzczZDgzYzQmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.btym3wins58k95OqXS2CXb6i6cvM18hYHEMAjTXvWsk)
- Add
mitmweb0
to the custom interface rules. You can verify your container's network address in the Container tab -> UnderFirewall-> Custom Interface Access
Add a new rule, make sure mitmproxy haswan
at least to access the internet.
![Screen Shot 2023-11-14 at 8 22 34 PM](https://private-user-images.githubusercontent.com/37549748/283003271-71d4c8c9-3812-452f-86df-a7d19fb703a6.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTkxMDE4MTIsIm5iZiI6MTcxOTEwMTUxMiwicGF0aCI6Ii8zNzU0OTc0OC8yODMwMDMyNzEtNzFkNGM4YzktMzgxMi00NTJmLTg2ZGYtYTdkMTlmYjcwM2E2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA2MjMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNjIzVDAwMTE1MlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWExMTlhZTU4ZDkxNTc2MjNiMzRkZjI0NThjMTJiOGU1YThhODVhZmE2YWU0NzU2ZGUzN2JkM2FjNjc3NTA2OTkmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.YCL514gw1F71_OSSmh8Kz3Wk3cd0ODZkORHBLAi4_WU)
- Create a forwarding rule to the container web interface :8081. Pick an arbitrary IP in the subnet -- although not the same one as the container as that confuses dnat.
![Screen Shot 2023-11-14 at 8 54 12 PM](https://private-user-images.githubusercontent.com/37549748/283008009-ff1424c6-b6ad-48d4-8ffe-03186f61abc6.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTkxMDE4MTIsIm5iZiI6MTcxOTEwMTUxMiwicGF0aCI6Ii8zNzU0OTc0OC8yODMwMDgwMDktZmYxNDI0YzYtYjZhZC00OGQ0LThmZmUtMDMxODZmNjFhYmM2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA2MjMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNjIzVDAwMTE1MlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWNjZTBkYWYxMTdlZTBjNWRlODg4YzhiZTc1MzhiZGUyNDNiOGEzMjI1YzExOGU5Y2YxYjcxN2RhY2I5OGFkYjEmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.pnxsYMivS7m4bE3mqVJftcbv7sdZbnICLmBZcnz6HyY)
- Create a site forward rule with PFW for traffic to intercept
![Screen Shot 2023-11-14 at 8 56 34 PM](https://private-user-images.githubusercontent.com/37549748/283008431-4d5e49b4-5860-4aad-ac17-510589ee31c5.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MTkxMDE4MTIsIm5iZiI6MTcxOTEwMTUxMiwicGF0aCI6Ii8zNzU0OTc0OC8yODMwMDg0MzEtNGQ1ZTQ5YjQtNTg2MC00YWFkLWFjMTctNTEwNTg5ZWUzMWM1LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA2MjMlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNjIzVDAwMTE1MlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPThhMDU1YjExYTUxNjhjZmU0NTMyMGZkMDE4NGU1MmZlNmNjMTA5ZDk2NTJiNTZmODgwY2M1YWY3NTk4OWQ3YzAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.DqZ4_z-_SKaNG1JIJthlbEGe4S699tDs6nHfqzstQSc)
Then make a curl request from any of the LAN devices, and it should populate on the mitmweb host. This was the :8081 host that was earlier defined