Tracing network traffic from Parallels in Fiddler


My Setup

  • Host: macOS Sonoma
  • Guest: Windows, running in Parallels
  • Tracing: Fiddler Everywhere / tcpdump, running on host macOS

I'm trying to capture traffic from games running in my guest Windows machine, but I can't get it to work. I have set up a proxy setting in the Windows machine to point to the listening port of my Fiddler application; I can see most traffic just fine doing this. I suspect this is because the games are using libcurl or wget or something similar to make their HTTPS calls, and from what I understand these tools do not respect system proxy settings.

Example Tests

  • Works: Open a browser in the Guest system, navigate to https://my.cool.app.com/ -- these connections show up in my Host system's Fiddler traces.
  • Doesn't Work: Open a cmd terminal and curl https://my.cool.app.com/ -- these connections do not show up in my Host system's Fiddler traces; they do show up if I have tcpdump running in a shell on the Host system though.
  • Also Doesn't Work: If I set my Fiddler to "System Proxy", I expected it to show the connections from curl since it's supposed to intercept all traffic. This doesn't seem to be the case though.

Things I've Tried

  • On the Guest Windows machine, I've tried setting https_proxy env vars to point to my Fiddler proxy endpoint. This... kind of works. I can at least see the connection attempts from curl doing this. However, a new problem arises: when I try to run the curl command, I get the following error:

curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate.

  • In Fiddler, I can see the initial CONNECT attempt from the curl but nothing after that since the connection fails.
  • I have the Fiddler_Root_Certificate_Authority.crt from Fiddler manually imported into the cert store on Windows; that was required to get any connections working. I'm not sure what other changes might be needed here though. This in particular is a bit outside my wheelhouse.
  • I've tried a few registry settings that I found on Google, with no noticeable change.

Goal

At the end of the day, all I really want to do is be able to see all traffic from my Parallels Guest system in my Fiddler captures. Since this is essentially a VM running on my local machine, I'd expect there to be something easy I haven't considered trying, but I'm currently at a loss for what to try next.
