Show HN: Egress WAF to limit AI agents and NPM malware based on mitmproxy
Category: security
Tags: egress-waf, mitmproxy, network-security
Score: 7.5/10 (Innovation: 7, Technical: 8, Documentation: 8, Utility: 7)
mitmwall is an egress WAF for Ubuntu that combines iptables with mitmproxy to enforce allowlisted HTTP(S) and DNS routes, blocking data exfiltration and backdoor connections from compromised packages or AI agents. Its innovative combination of a transparent proxy, firewall rules, and DNS filtering creates a practical security layer for servers, with a web interface for monitoring and rule creation.
Target audience: backend devs, devops, security engineers
Repository: https://github.com/esamattis/mitmwall · Python · MIT · 6 stars