diff options
| author | Maximilian Hils <git@maximilianhils.com> | 2014-09-08 18:35:52 +0200 |
|---|---|---|
| committer | Maximilian Hils <git@maximilianhils.com> | 2014-09-08 18:35:52 +0200 |
| commit | 7ea8d3ff357e278ba047a18a0dcc4bd434017c79 (patch) | |
| tree | 740300db83b70159058b58c107127b4ac122d072 | |
| parent | ebd539b49f0706918e979dc921cf454ae448eaf9 (diff) | |
| download | mitmproxy-7ea8d3ff357e278ba047a18a0dcc4bd434017c79.tar.gz mitmproxy-7ea8d3ff357e278ba047a18a0dcc4bd434017c79.tar.bz2 mitmproxy-7ea8d3ff357e278ba047a18a0dcc4bd434017c79.zip | |
add note about icmp redirects, fix #255
| -rw-r--r-- | doc-src/transparent/linux.html | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/doc-src/transparent/linux.html b/doc-src/transparent/linux.html index 96b7132a..7c01931d 100644 --- a/doc-src/transparent/linux.html +++ b/doc-src/transparent/linux.html @@ -15,6 +15,16 @@ achieve transparent mode. </li> + <li> If your target machine is on the same physical network and you configured it to use a custom gateway, + disable ICMP redirects: + + <pre class="terminal">echo 0 | sudo tee /proc/sys/net/ipv4/conf/*/send_redirects</pre> + + You may also want to consider enabling this permanently in + <b>/etc/sysctl.conf</b> as demonstrated <a href="http://unix.stackexchange.com/a/58081">here</a>. + + </li> + <li> Create an iptables ruleset that redirects the desired traffic to the mitmproxy port. Details will differ according to your setup, but the ruleset should look something like this: |