Proxy
If required, users can utilize mitmproxy to access secured domains.
Proxy features have only been optimized to run on Raspbian devices that do not require a password for sudo commands.
Install mitmproxy on the proxy device.
Edit proxyConfig.py in src/proxy/proxy. The script should contain the following,
DOMAIN = "secret.com"
AUTHORIZATION_HEADER = "secret"
def request(context, flow):
if flow.request.pretty_host(hostheader=True).endswith(DOMAIN):
flow.request.headers["Authorization"] = [AUTHORIZATION_HEADER]Set DOMAIN with the target domain and AUTHORIZATION_HEADER with your header string.
Run mitmproxy with the command
$ mitmproxy -s proxyConfig.py
Then start proxy.go to manage the proxy device's iptables. Pass the master's IP address and port number as flags. For example,
$ proxy.go -masterIP=10.0.0.180 -masterPort=5000
Install your mitmproxy's certificate authority on the slave device.
Change your device's network preferences to use the proxy.
Create a directory for the mitmproxy CA certificate in /usr/share/ca-certificates
$ sudo mkdir /usr/share/ca-certificates/mitmproxy
Replace the deafult '.pem' extension of mitmproxy-ca-cert.pem with '.crt', so that it becomes mitmproxy-ca-cert.crt. Copy the '.crt' file to the directory
$ sudo cp mitmproxy-ca-cert.crt /usr/share/ca-certificates/mitmproxy/mitmproxy-ca-cert.crt
Add the '.crt' file's path relative to /usr/share/ca-certificates to /etc/ca-certificates.conf
$ sudo dpkg-reconfigure ca-certificates
The slave will now trust information served by the mitmproxy.
At slave start up, configure the slaves with the flag -proxyURL=http://[proxy_IP_address]:8080. By default, mitmproxy runs on port 8080.