Show HN: Forwarder – FOSS MITM proxy written in Go (forwarder-proxy.io)

78 points by michalmatczuk ↗ HN
I'm working at Sauce Labs on a fast MITM proxy.

If you are using mitmproxy, Fiddler or Charles proxy in your job I believe you'll find it invaluable.

Forwarder 1.1 is now available, complete with a Grafana Dashboard for effortless monitoring. We are committed to making it great.

I welcome your feedback.

Cheers Michał

17 comments

[ 3.0 ms ] story [ 45.4 ms ] thread
For those with blocking rules around newly registered DNS: https://github.com/saucelabs/forwarder
> blocking rules around newly registered DNS

Why is this even a thing?

Moderately effective anti phishing. Your real bank's domain is older than last week.
Most malware/scam domains I've seen are generally a few weeks old, which is still fairly new, but not quite last week.
am i reading this correctly that it could be used as an adblock?

is the PAC format powerful enough to handle everything that current adblockers do?

Wish this had a caching feature… Setting up squid as a https caching forward proxy in docker is a pain.
That's not currently on the roadmap.

Please file an issue, we'll see what we can do.

I'm not too versed on these, but why not use nginx?
Nginx is built as a reverse proxy, useful to intercept traffic coming in to a server and route it to the correct service. This is the opposite, I guess we can call it an obverse proxy: it sits near a client and allows the owner (or a malicious party) of the client to intercept the traffic as it leaves the client. A former employer of mine used something like this to gain access to the API calls being made from iPhone apps, but you could use it to say attach authentication to calls heading a certain way (think what AWS is doing to make service to service calls work transparently to the user) or tons of other stuff (blocking content, if you’re so inclined).

I haven’t tried to use nginx as an MITM proxy or this project at all, but presumably it’s easier to use this when your usecase lies closer to the client than the server and vice versa.

Tools like Fiddler allow traffic modification based on rules, so you can tamper traffic. Forwarder doesn't appear to allow modification (other than headers?) so I think it's about logging traffic and collecting metrics. Still looking at the docs, I could have missed something.
> If you are using mitmproxy, Fiddler or Charles proxy in your job I believe you'll find it invaluable.

Why? Do you have a comparison? Or even a list of your features, beyond the 6 bullet points on your homepage?