From ca9c60d2eb801c5902c1d2b890e7f1cb8e64959d Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@nullcube.com>
Date: Fri, 5 Apr 2013 11:55:28 +1300
Subject: Docs.

---
 doc-src/transparent.html | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'doc-src/transparent.html')

diff --git a/doc-src/transparent.html b/doc-src/transparent.html
index b28b04f6..689a2842 100644
--- a/doc-src/transparent.html
+++ b/doc-src/transparent.html
@@ -1,3 +1,15 @@
 
 
+When a transparent proxy is used, traffic is redirected into a proxy at the network layer, without
+any client configuration being required. This makes transparent proxying ideal for those situations
+where you can't change client behaviour - proxy-oblivious Android applications being a common
+example.
 
+To set up transparent proxying, we need two new components. The first is a
+redirection mechanism that transparently reroutes a TCP connection destined for
+a server on the Internet to a listening proxy server. This usually takes the
+form of a firewall on the same host as the proxy server -
+[iptables](http://www.netfilter.org/) on Linux or
+[pf](http://en.wikipedia.org/wiki/PF_\(firewall\)) on OSX. When the proxy receives a redirected connection, it sees a vanilla HTTP request, without a host specification. This is where the second new component comes in - a host module that allows us to query the redirector for the original destination of the TCP connection.
+
+At the moment, mitmproxy supports transparent proxying on OSX Lion and above, and all current flavors of Linux.kkkkk
\ No newline at end of file
-- 
cgit v1.2.3