diff options
Diffstat (limited to 'doc-src')
| -rw-r--r-- | doc-src/transparent/osx.html | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/doc-src/transparent/osx.html b/doc-src/transparent/osx.html index 77eea63b..205e4c76 100644 --- a/doc-src/transparent/osx.html +++ b/doc-src/transparent/osx.html @@ -67,3 +67,15 @@ rdr on en2 inet proto tcp to any port 443 -> 127.0.0.1 port 8080 </ol> + +Note that the **rdr** rules in the pf.conf given above only apply to inbound +traffic. This means that they will NOT redirect traffic coming from the box +running pf itself. We can't distinguish between an outbound connection from a +non-mitmproxy app, and an outbound connection from mitmproxy itself - if you +want to intercept your OSX traffic, you should use an external host to run +mitmproxy. None the less, pf is flexible to cater for a range of creative +possibilities, like intercepting traffic emanating from VMs. See the +**pf.conf** man page for more. + + + |