The downside to using mitmproxy for this is that mitmproxy uses eBPF which requires (temporary) root privileges to set up. This tool works without root access on most distros (you do need TUN write access).
That’s interesting. Tailscale userspace mode does not require tun write access as (I believe) is implemented within the process that runs the gvisor stack (tailscaled). I am wondering if httptap could use the same approach?