From f44d218b7db3b18577f6d02ce91c797b7bdf6c86 Mon Sep 17 00:00:00 2001 From: CyberMind-FR Date: Sun, 1 Feb 2026 07:05:47 +0100 Subject: [PATCH] fix(catalog): Use original_backend when mitmproxy inspection enabled When HAProxy inspection mode routes all vhosts through mitmproxy_inspector, the catalog now uses the original_backend UCI property to correctly map domains to their actual services. Co-Authored-By: Claude Opus 4.5 --- package/secubox/secubox-p2p/root/www/api/factory/catalog | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/package/secubox/secubox-p2p/root/www/api/factory/catalog b/package/secubox/secubox-p2p/root/www/api/factory/catalog index face6e49..deb4ad15 100644 --- a/package/secubox/secubox-p2p/root/www/api/factory/catalog +++ b/package/secubox/secubox-p2p/root/www/api/factory/catalog @@ -58,25 +58,32 @@ get_mesh_ip() { # Build HAProxy vhost map: domain -> backend # Returns: domain|backend|ssl|enabled for each vhost +# Note: When mitmproxy inspection is enabled, uses original_backend to find real service get_haproxy_vhosts() { config_load haproxy 2>/dev/null || return # Callback function for each vhost _emit_vhost() { local section="$1" - local enabled domain backend ssl ssl_redirect + local enabled domain backend original_backend ssl ssl_redirect config_get enabled "$section" enabled "0" [ "$enabled" = "1" ] || return config_get domain "$section" domain config_get backend "$section" backend + config_get original_backend "$section" original_backend config_get ssl "$section" ssl "0" config_get ssl_redirect "$section" ssl_redirect "0" [ -n "$domain" ] || return [ -n "$backend" ] || return + # If backend is mitmproxy_inspector and original_backend exists, use the real backend + if [ "$backend" = "mitmproxy_inspector" ] && [ -n "$original_backend" ]; then + backend="$original_backend" + fi + # Determine scheme local scheme="http" [ "$ssl" = "1" ] && scheme="https"