On Tue, 06 May 2025 01:27:11 +0200, LWS <mediome...@gmail.com> wrote: > > So it is an openbsd decision although it is not clear to me if it is a > security > design decision or rather a standards adherence decision, since it seems to > me > that the software that implements this feature does it outside the > standards. > My idea was to pass my traffic to mitmproxy and then forward it to > suricata.. > but it seems that mitmproxy does not support pcap. So I thought of > exporting the key > and then using wireshark to decrypt the traffic and then pass it to > suricata. > But this path is also not viable. >
I use mitmproxy to investigate traffic from my phone. I just installed its certificate on phone and use WG server to connect to it. -- wbr, Kirill
