Goal:
- Setup a Hyper-V test lab for capturing traffic from an Android client.
- Use OpenWRT as the routing gateway for the private VM network and Transparent Proxy HTTP and HTTPS traffic to Fiddler.
- Config Fidder for traffic capture.
See Also:
- Part 1 – Building OpenWRT image for Hyper-V
- http://www.telerik.com/forums/fiddlercore-as-transparent-proxy
Configuring OpenWRT for Transpart Proxy
-
Create Port Forward / Pre-routing rules for TCP port 80 and 443 to forward traffic to Fiddler.
- Assuming Fiddler is running at 192.168.1.2, port 8888 for HTTP proxy and 8443 for HTTPS proxy.
- Exclude the Fiddler machine from the port forward.
-
Create Source NAT / Post-routing rule
-
OR write the rules in the Firewall Custom Rules page.
Configuring Fiddler for Transpart Proxy
-
Enable “Allow remote computers to connect” in Fiddler Options and open corresponding ports in the Windows Firewall.
-
Use the command “!listen 8443 your_dummy_CN” to make Fiddler to listen to port 8443 for HTTPS proxy.
- The dummy CN value is important. Without the CN value Fiddler will not handle the HTTPS handshake.
- Use the command “prefs set fiddler.network.https.SetCNFromSNI true” to make Fiddler to generate the cert with CN to match the incoming request.