From b5cf3b4f743f1dd3e7d58c9d21155005466640ec Mon Sep 17 00:00:00 2001
From: Aldo Cortesi <aldo@nullcube.com>
Date: Tue, 14 May 2013 09:12:26 +1200
Subject: README, Linux transparent mode docs, requirements additions.

---
 doc-src/transparent/linux.html | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)

(limited to 'doc-src/transparent/linux.html')

diff --git a/doc-src/transparent/linux.html b/doc-src/transparent/linux.html
index e69de29b..41840c75 100644
--- a/doc-src/transparent/linux.html
+++ b/doc-src/transparent/linux.html
@@ -0,0 +1,40 @@
+On Linux, mitmproxy integrates with the iptables redirection mechanism to
+achieve transparent mode.
+
+<ol class="tlist">
+
+    <li> <a href="@!urlTo("ssl.html")!@">Install the mitmproxy
+    certificates on the test device</a>. </li>
+
+    <li> Enable IP forwarding:
+
+    <pre class="terminal">sysctl -w net.ipv4.ip_forward=1</pre>
+
+    You may also want to consider enabling this permanently in
+    <b>/etc/sysctl.conf</b>.
+
+    </li>
+
+    <li> Create an iptables ruleset that redirects the desired traffic to the
+    mitmproxy port. Details will differ according to your setup, but the
+    ruleset should look something like this:
+
+<pre class="terminal">iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
+iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080</pre>
+    
+    </li>
+
+    <li> Fire up mitmproxy. You probably want a command like this:
+
+        <pre class="terminal">mitmproxy -T --host</pre>
+
+        The <b>-T</b> flag turns on transparent mode, and the <b>--host</b>
+        argument tells mitmproxy to use the value of the Host header for URL
+        display.
+
+    </li>
+
+    <li> Finally, configure your test device to use the host on which mitmproxy is
+    running as the default gateway.</li>
+
+</ol>
-- 
cgit v1.2.3