Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Jul 09 02:17
    ulises-castro commented #53
  • Jun 01 22:04
    CLAassistant commented #68
  • Jun 01 22:04
    dependabot[bot] labeled #68
  • Jun 01 22:04
    dependabot[bot] opened #68
  • Jun 01 22:04

    dependabot[bot] on pip

    Bump urllib3 from 1.22 to 1.26.… (compare)

  • May 22 07:11
    tejasjyothishetty opened #67
  • May 22 06:19
    tejasjyothishetty opened #66
  • Apr 20 17:05
    joedownloads1 opened #65
  • Mar 29 16:57
    CLAassistant commented #64
  • Mar 29 16:57
    dependabot[bot] labeled #64
  • Mar 29 16:57
    dependabot[bot] opened #64
  • Mar 29 16:57

    dependabot[bot] on pip

    Bump pygments from 2.2.0 to 2.7… (compare)

  • Mar 25 21:51
    CLAassistant commented #63
  • Mar 25 21:51
    dependabot[bot] labeled #63
  • Mar 25 21:51
    dependabot[bot] opened #63
  • Mar 25 21:50

    dependabot[bot] on pip

    Bump pyyaml from 3.12 to 5.4 B… (compare)

  • Mar 19 22:02
    CLAassistant commented #62
  • Mar 19 22:02
    dependabot[bot] labeled #62
  • Mar 19 22:02
    dependabot[bot] opened #62
  • Mar 19 22:02

    dependabot[bot] on pip

    Bump jinja2 from 2.10 to 2.11.3… (compare)

Samidhya Sarker
@desertSniper87
Cold Turkey blocks on the hosts file. Plus you need to pay a one-time fee to access features like Scheduling or breaks.
aniketpanjwani
@aniketpanjwani
That's true, but I think it's your best option for now. I'm going to make a more complete development plan this weekend, but I think that windows support likely will not occur for a while.
Miheer Dewaskar
@miheerdew
Hi Aniket, I was looking at PF. Following the instructions here doesn't redirect all outgoing traffic (as the note at the bottom of the page says).
This answer might be relevant, and I will also look into how Dansguardian/Squid handles pf.
aniketpanjwani
@aniketpanjwani
Hmm... that's pretty annoying. One option is to spin Chomper up in a VM or Docker container. However, that's a layer of complexity I'd rather avoid. I'm still planning on MacOS compatibility in release 0.3.0 (https://github.com/aniketpanjwani/chomper/projects/6). After 0.2.1, I'm going to make a hackintosh with a spare thinkpad so that I can work on MacOS myself.
Thanks Miheer!
aniketpanjwani
@aniketpanjwani
aniketpanjwani
@aniketpanjwani
There's also this gist: https://gist.github.com/kujohn/7209628
Miheer Dewaskar
@miheerdew
Thanks for the links. The problem is that the rdr command only works for connections coming into the interface, but doesn't apply to connections going out from the interface (which is what we want).
I think that mitm is going into an infinite loop with some of my solutions. But if I understand correctly, your iptable rules are using the user != root option to prevent this
Miheer Dewaskar
@miheerdew
And thanks. I am starting with #2 because that way I can start using chomper :) . Using a mitim proxy seems to be the only genuine (non-hacky) solution to problem of restricting web-browsing. So that is an additional motivation for me to get this transparent proxy to work.
Miheer Dewaskar
@miheerdew
If we are unable to set up a transparent proxy, the other option is to set mitmproxy as an explicit proxy. So no need to go to a VM/Docker container :)
aniketpanjwani
@aniketpanjwani

Yeah - for sure start with #2 ! It'll be really nice to have someone working in parallel.

The instructions in the gist are different from the instructions in mitmproxy. It seems like the instructions in the gist are providing a work-around for the default inability to port forward on OSX, so I think trying to implement the instructions in the gist is the best path forward.

I'm not sure that an explicit proxy is a good idea. If I understand correctly, an explicit proxy would involve directing each individual browser to the proxy server. However, I'm not sure if it would be possible to implement anything like "hardcore mode", because even if you are a non-root user, you can go into your browser settings and change the proxy settings, thereby evading any block. With a transparent proxy, you can remove the mitmproxy certificate authority while Chomper is running, but then you won't be able to go to any website.

something similar to the stack overflow link you attached: https://apple.stackexchange.com/questions/309286/macos-packet-filter-port-forwarding
Miheer Dewaskar
@miheerdew
The last link seems relevant. The ones before that seems to be doing the same as mitm proxy.
Strangely, something similar to the last link was working yesterday but I need to investigate why it isn't working for me anymore.
By explicit proxy, I meant that 1) We block all connections going outside 2) Only allow connections from the proxy. I believe that is a routine firewall task and can be done by pf. But the last link might allow us to simply use the transparent proxy, let me look into it.
aniketpanjwani
@aniketpanjwani
Let me know how your attempt to implement the last link goes. It looks like others using mitmproxy were struggling with this too at some point: mitmproxy/mitmproxy#1261
Miheer Dewaskar
@miheerdew
Thanks. Unfortunately none of the links in the issue worked for me.
We should ask other mac users if any of those links work for them because I might have changed some settings while playing around with my system.
The second rule from this doesn't seem to work my system.
But again I might be missing something (just a few hours ago I realized that I was trying things out with my VPN on :|)
aniketpanjwani
@aniketpanjwani
Gotcha - thanks for the update. I'm pretty close to finishing all the issues for release 0.1.1. I'll probably be able to clear 0.2 tomorrow. After that, I'll make a hackintosh sometime next week and try this out myself. Hopefully I can get it to work on a clean system.
aniketpanjwani
@aniketpanjwani
Cleared 0.1.1. Will work on 0.2 tomorrow!
aniketpanjwani
@aniketpanjwani
bought a used mac mini on ebay - should come in later this week. I'll be able to begin implementing #2 next weekend.
aniketpanjwani
@aniketpanjwani
0.2 is cleared. Will work on improving the docs this week while waiting for the mac mini to arrive.
Miheer Dewaskar
@miheerdew
@aniketpanjwani Awesome :smile: !
Kamil Badyla
@badeleux
Hey
Is it possible to filter by regex? Mitm allows that, right?
aniketpanjwani
@aniketpanjwani
It's currently not possible to filter by regex or wildcard, but it would be a relatively simple feature to add. Could you make a new Issue on Github if this is something you're interested in having?
Kamil Badyla
@badeleux
Sure
Sebastian Bolaños
@sebohe
@aniketpanjwani, any reason why the chomper installers are on a seperate repo?
Sebastian Bolaños
@sebohe
Got chomper working on Arch linux :clap:
Sebastian Bolaños
@sebohe
Also, because of chomper I discovered pipenv, which seems like an awesome alternative to my current virtualenv setup. Just need to break the old way of doing things xD
aniketpanjwani
@aniketpanjwani
Hi @Sebohe - I think I had a reason for putting them in a separate repo, but can't remember exactly why. I think I just thought that it would be good to have some separation between installer and program.
Also, that's really terrific that you've got it working on Arch! If you're able to create an installer shell script, that would be really helpful. I was trying to get it working on Arch a while ago and gave up - if I recall correctly, th emain pain point was just installing cron and getting cron on path.
aniketpanjwani
@aniketpanjwani
I would be happy to set up a time to work with you on the shell script if you wanted. And pipenv is terrific - been using it for a few months now
Sebastian Bolaños
@sebohe
^ Good point, I already had cron installed so I didn't have to isntall it
I forked the installer repo
added a new file. I stripped out a lot because it wasn't compatible with my current virtualenv setup.
My idea is to make it an AUR package.
Sebastian Bolaños
@sebohe
Do you prefer to have a single installer script or a different script for each distro?
aniketpanjwani
@aniketpanjwani
Looking at the file. It looks really good. one though - it looks like you're installing mitmproxy globally - is that a good idea?
I'd prefer a single script.
If you made into an AUR package, that would be terrific. I have to confess though - I know very little of what's involved in doing that
Sebastian Bolaños
@sebohe
I already have my own virtualenv. So it isn't installing globally and I agree that it isn't t a good idea to install it globally.
I don't know how to tackle the virtualenvs issue. Since everyone will have their own configuration or none at all. But pipenv seems to automatically load a venv. Need to play around with it a little more.
aniketpanjwani
@aniketpanjwani
I think the actual end goal should be to use pyinstaller(https://www.pyinstaller.org/) to create a stand alone executable, which includes all requirements and the interpreter bundled in one file. I should look into how much more work this is. Then, the installation shell script could just do the small pieces of necessary configuration.