Show Posts
1
General Discussion / Is there a way to do the equivalent of "pass in quick proto tcp" in the GUI?
« on: April 15, 2023, 11:46:14 pm »
I searched the forum for this, and the closest I could find was this: https://forum.opnsense.org/index.php?topic=2063.0
I'm just trying to setup redirection to a transparent proxy, following the instructions here for OpenBSD (as this is what opnsense is under the hood) https://docs.mitmproxy.org/stable/howto-transparent/#openbsd
It says to add this to /etc/pf.conf:
This assumes running on a local machine, but on my opnsense router I'd have to tell it another IP address on the vlan.
However, it's not clear to me how to achieve the same in opnsense. Originally I simply tried port forwarding, before realising that wouldn't work.
Any ideas here please? If it's not possible in the GUI, how do I do it manually?
I'm just trying to setup redirection to a transparent proxy, following the instructions here for OpenBSD (as this is what opnsense is under the hood) https://docs.mitmproxy.org/stable/howto-transparent/#openbsd
It says to add this to /etc/pf.conf:
Code: [Select]
mitm_if = "re2"
pass in quick proto tcp from $mitm_if to port { 80, 443 } divert-to 127.0.0.1 port 8080
This assumes running on a local machine, but on my opnsense router I'd have to tell it another IP address on the vlan.
However, it's not clear to me how to achieve the same in opnsense. Originally I simply tried port forwarding, before realising that wouldn't work.
Any ideas here please? If it's not possible in the GUI, how do I do it manually?