On Tue, 2011-12-06 at 23:30 +0100, Adam Pi?tyszek wrote: > > Use mitmproxy: http://mitmproxy.org/ > > > > Edit /etc/hosts on your VPN client host, so that it has the address of > > the machine on which you run mitmproxy, for the VPN server's hostname. > > > > Then when you connect it'll actually connect to mitmproxy, and mitmproxy > > will see the Host: header in the request and pass the traffic on to the > > real VPN server. > > Can I do this using one host (my laptop)? > > I am trying to run mitmproxy on 443 port, but when I set 127.0.0.1 in > /etc/hosts to the name of the VPN server, it just can't connect. I also > see nothing in mitmproxy window. Hm, if you've edited /etc/hosts to set 127.0.0.1 as the address of your VPN server (to trick AnyConnect), then that is *also* going to trick mitimproxy, and it won't be able to talk to the real server. If you want to do this on the same box, you have to fix that. Perhaps by running mitmproxy (or AnyConnect) in a chroot so it gets to see a *different* /etc/hosts file. Or in a different network namespace, which is probably harder. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5818 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20111207/4575fa75/attachment.bin>