Hi,
I want a transparent proxy that captures all outgoing TCP connections, so I used NETransparentProxyManager to start an AppProxyProvider with the following rule:
    // includedNetworkRules is an array of NENetworkRule, so the rule is wrapped in [ ]
    networkSettings.includedNetworkRules = [
        NENetworkRule(
            remoteNetwork: nil, remotePrefix: NSNotFound,
            localNetwork: nil, localPrefix: NSNotFound,
            protocol: .TCP, direction: NETrafficDirection.outbound
        )
    ]
Everything works as expected except that, after the AppProxyProvider has been started:

- Any attempt to start a TCP listener listening on 0.0.0.0 fails with the error "Protocol wrong type for socket". This can be easily reproduced by running

      python3 -m http.server

  which fails with the error:

      OSError: [Errno 41] Protocol wrong type for socket

- TCP listeners that were already bound to 0.0.0.0 won't see incoming connections from the local network.
Is it a bug, or am I doing something wrong?
Also, I notice that the transparent proxy cannot capture TCP connections to localhost. I suppose it is by design, but is there any way to achieve that? (Setting includeAllNetworks to true and excludeLocalNetworks to false does not work.)
Thanks.