I'd like to implement a mitmproxy for a single application on my Mac. Pfctl doesn't natively have (from what I can see) support to set rules based on the application source/dest of the packets, but the Application Level Filter (ALF) does. Is there a way to combine the two? From what I can see, the only rule you can apply to ALF is a simple accept/deny flag, nothing more. I'd ideally like to apply an 'rdr' rule within ALF.
Way to do per-application rules in pfctl/alf
firewall ipfw
Best Answer
Have you looked at this post (see comment dated 30 Aug from user mhils)? Basically, running mitmproxy in transparent mode can be accomplished with the -T argument. It appears that this is supposed to provide access to the PID of the source process, but I am not sure that the destination process ID is captured.
I am not a user of mitmproxy, so please let me know if this helps.
Cheers, Byron