diff options
author | Maximilian Hils <git@maximilianhils.com> | 2014-09-07 00:42:25 +0200 |
---|---|---|
committer | Maximilian Hils <git@maximilianhils.com> | 2014-09-07 00:42:25 +0200 |
commit | 78a44c5199d81bc46038b5d680638124f613b871 (patch) | |
tree | cf6361d77aeed7a3fd453744778b443885ffa65d /doc-src/custom-routing.txt | |
parent | df129736c3a621847f7916d40edd909fe9fb0b8e (diff) | |
download | mitmproxy-78a44c5199d81bc46038b5d680638124f613b871.tar.gz mitmproxy-78a44c5199d81bc46038b5d680638124f613b871.tar.bz2 mitmproxy-78a44c5199d81bc46038b5d680638124f613b871.zip |
add docs on proxy modes
Diffstat (limited to 'doc-src/custom-routing.txt')
-rw-r--r-- | doc-src/custom-routing.txt | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/doc-src/custom-routing.txt b/doc-src/custom-routing.txt new file mode 100644 index 00000000..2ba2281f --- /dev/null +++ b/doc-src/custom-routing.txt @@ -0,0 +1,24 @@ +# Adapted from http://tldp.org/HOWTO/TransparentProxy-6.html (6.2 Second method) +# Note that the choice of firewall mark (3) and routing table (2) was fairly arbitrary. +# If you are already using policy routing or firewall marking for some other purpose, +# make sure you choose unique numbers here. Otherwise, don't worry about it. + + + +# On the router, run + +PROXY_IP=192.168.1.100 +TARGET_IP=192.168.1.110 + +iptables -t mangle -A PREROUTING -j ACCEPT -p tcp -m multiport --dports 80,443 -s ! $TARGET_IP +# Alternative to MITM the whole network: +# iptables -t mangle -A PREROUTING -j ACCEPT -p tcp -m multiport --dports 80,443 -s $PROXY_IP +iptables -t mangle -A PREROUTING -j MARK --set-mark 3 -p tcp -m multiport --dports 80,443 +ip rule add fwmark 3 table 2 +ip route add default via $PROXY_IP dev br0 table 2 + + + +# On the proxy machine, run + +iptables -A PREROUTING -t nat -i eth0 -p tcp -m multiport --dports 80,443 -j REDIRECT --to-port 8080 |