diff options
| author | smill <smill@cuckoo.sh> | 2016-09-04 01:30:27 +0000 |
|---|---|---|
| committer | smill <smill@cuckoo.sh> | 2016-09-04 01:30:27 +0000 |
| commit | fbfedbdc8f02bc36191d3fbf0f5cb7756331c89d (patch) | |
| tree | b064696ab20a9f831c02e342b8ed02a2d8c93b15 /docs/transparent.rst | |
| parent | 377921fa99e5c602ff04ed412be76072abc1d1c0 (diff) | |
| download | mitmproxy-fbfedbdc8f02bc36191d3fbf0f5cb7756331c89d.tar.gz mitmproxy-fbfedbdc8f02bc36191d3fbf0f5cb7756331c89d.tar.bz2 mitmproxy-fbfedbdc8f02bc36191d3fbf0f5cb7756331c89d.zip | |
Improved error-handling / supplemented documention.
Diffstat (limited to 'docs/transparent.rst')
| -rw-r--r-- | docs/transparent.rst | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/docs/transparent.rst b/docs/transparent.rst index eb77c76c..dc41f40f 100644 --- a/docs/transparent.rst +++ b/docs/transparent.rst @@ -1,5 +1,6 @@ .. _transparent: +==================== Transparent Proxying ==================== @@ -20,5 +21,20 @@ destination of the TCP connection. At the moment, mitmproxy supports transparent proxying on OSX Lion and above, and all current flavors of Linux. +Fully transparent mode +======= +By default mitmproxy will use its own local ip address for its server-side connections. +In case this isn't desired, the --spoof-source-address argument can be used to +use the client's ip address for server-side connections. + +This mode does require root privileges though. There's a wrapper in the examples directory +called 'mitmproxy_shim.c', which will enable you to use this mode with dropped priviliges. +It can be used as follows: + +gcc examples/mitmproxy_shim.c -o mitmproxy_shim -lcap +sudo chown root:root mitmproxy_shim +sudo chmod u+s mitmproxy_shim +./mitmproxy_shim $(which mitmproxy) -T --spoof-source-address + .. _iptables: http://www.netfilter.org/ .. _pf: https://en.wikipedia.org/wiki/PF_\(firewall\) |