Troubleshooting proxy connection error on legacy app

Question

I'm having to support some legacy client code which makes a network connection to a server using a proprietary protocol over port 1234. A straight internet connection on the client machine works fine, but some people use it inside a corporate network with proxies. For the most part this works, but I need to make some changes to the client code and would like to test it using a proxy.

I've installed mitmproxy on a second workstation, and if I set my main workstation to use this proxy, all is fine—I can make secure web requests using a default browser, so I'm pretty sure I've got the proxy set up OK. It doesn't require any proxy authentication and just seems to work.

But, when I launch this particular app and configure it to use the proxy, I can see in its debug output that it is attempting to do so, but in the mitmproxy debug window, I just see:

192.168.0.28:59278: clientconnect 192.168.0.28:59278: ConnectionResetError(10054, 'An existing connection was forcibly closed by the remote host', None, 10054, None) 192.168.0.28:59278: ProtocolException("ConnectionResetError(10054, 'An existing connection was forcibly closed by the remote host', None, 10054, None)",) 192.168.0.28:59278: clientdisconnect

I'm assuming this is because the app isn't making 'properly formed' web requests, but using its own protocol over TCP. Am I right in thinking, if this is the case, that mitmproxy wouldn't be able to act as a proxy? If so, is there any other simple, ideally free proxy application I can use for testing? I did look at pfSense, but would need to set up a VM for that, and networking via a VM brings a whole new world of pain from previous experience :|.

For next steps; I would take TCP Dumps of what a request and response looks like with and without the proxy, then I would look at the differences of them. Additionally, if you are just using a proxy in order to make the page available outside of a specific network and do not need to do HTTP level fiddling, you could try setting up a proxy in TCP mode instead of HTTP mode - haproxy would work (or squid... but... haproxy is better). — Tim, Aug 07 '18 at 20:02
I installed Wireshark on the same machine as the proxy, and I also tried running the client app on the same machine with it's proxy settings of 127.0.0.1:8080, and in neither case do I see _any_ traffic between the proxy and the main server. If I run the app set to 'direct connection' mode, I see plenty of traffic and all is well. So I guess, since this is a very non-standard protocol, mitm isn't the right software. Note this server isn't a webserver, it's a proprietary client / server app. Since I'm using Windows, and I also just found RINETD which I will try. Many thanks. — dsl101, Aug 09 '18 at 09:55

score 0 · Answer 1 · answered Aug 09 '18 at 10:12

0

Reading the mitmproxy documentation further, I found 'Transparent' mode, which sounds more like what I want. But (a) it's still very focused on HTTP and HTTPS, and secondly, this section indicates that other TCP routing software is required. I think I'm only looking for that, so will not try to bend mitm any futher.

answered Aug 09 '18 at 10:12

dsl101

433
1
7
13

And for the record, WinGate worked first time. – dsl101 Aug 09 '18 at 14:06

Troubleshooting proxy connection error on legacy app

1 Answers1