With MacOS - and system capture not working

I noticed that the web browser capture is working but system capture is not working.  We want to be able to do system capture or system capture and things like monitor traffic within the ios simulator.


It seems that the recommended fix was to reset the root certificate.  This didn't change anything.

[2022-08-03 14:41:37:073] [info] [CPU information] The processor model is: Intel(R) Core(TM) i7-7820HQ CPU @ 2.90GHz with number of cores: 8 and working at 2.9 GHz frequency

[2022-08-03 14:45:58:683] [info] [Product information] Fiddler Everywhere 3.3.1

[2022-08-03 14:45:58:693] [info] [System information] darwin (Darwin/x64) - version 19.6.0



1 Comment

The first thing to check if you cannot capture system traffic is to check and verify that the Fiddler Everywhere proxy is being successfully set as the operating system proxy for the active network adapter. Even without a properly installed root CA, setting Fiddler Everywhere as a system proxy would mean that you can capture non-secure traffic (like http://example.com). Given that your Open Browser functionality (I assume that is what you mean by browser capture) is working, that most likely indicates that Fiddler Everywhere is not able to change your OS proxy settings for some reason.


So the first step in identifying the issue is to do the following:


- Stop Fiddler Everywhere capturing and close the application entirely.

- Open the macOS proxy setting on the active network adapter and verify that the proxy settings are cleaned (no Fiddler Everywhere proxy IP:port)

- Open Fiddler Everywhere and start the Live Traffic capturing (a.k.a. system capturing).

- Open the macOS proxy setting on the active network adapter and verify that the proxy settings are now successfully using the Fiddler Everywhere proxy (127.0.0.1:8866)

- Back in Fiddler Everywhere ensure that you have the following options enabled

Settings > HTTPS > Capture HTTPS Traffic

Settings > HTTPS > Trust Root Certificate (To capture HTTPS traffic)

Settings > Gateway > Use System Proxy (recommended) 

Settings > Gateway > Allow Remove Computers to connect (this one is needed only if you want to capture traffic from remote devices like iOS devices, emulators, remote PCs, etc.)

Settings > Gateway > Bypass Fiddler for URLs that start with: <place-your-VPN-URL> (this is needed for some VPN tools like Cisco AnyConnect, which are not working through MITM proxies). Some VPN tools might be entirely incompatible with MITM proxies like Fiddler Everywhere at all - you can test this by changing the network (e.g., by using a hotspot) and testing Fiddler Everywhere without the VPN. Some security tools like Pulse Secure needs to be explicitly configured to allow list the Fiddler Everywhere proxy to operate.


Now, you should be able to open a browser or any other local application that respects the system OS and capture its HTTP/HTTPS requests. To capture traffic from iOS emulators, you must set up your emulator by following the instructions in this documentation article.