From e1f4d17ea74beb21069beb958447bb405836227f Mon Sep 17 00:00:00 2001 From: Thomas Kriechbaumer Date: Thu, 21 Dec 2017 10:44:30 +0100 Subject: cleanup transparent linux docs --- docs/transparent/linux.rst | 34 ++++++++-------------------------- 1 file changed, 8 insertions(+), 26 deletions(-) (limited to 'docs/transparent/linux.rst') diff --git a/docs/transparent/linux.rst b/docs/transparent/linux.rst index d1804d46..ab3fd707 100644 --- a/docs/transparent/linux.rst +++ b/docs/transparent/linux.rst @@ -12,15 +12,15 @@ achieve transparent mode. >>> sysctl -w net.ipv4.ip_forward=1 - You may also want to consider enabling this permanently in ``/etc/sysctl.conf``. + You may also want to consider enabling this permanently in ``/etc/sysctl.conf`` or newly created ``/etc/sysctl.d/mitmproxy.conf``, see `here `__. 3. If your target machine is on the same physical network and you configured it to use a custom gateway, disable ICMP redirects: - >>> echo 0 | sudo tee /proc/sys/net/ipv4/conf/*/send_redirects + >>> sysctl -w net.ipv4.conf.all.accept_redirects=0 + >>> sysctl -w net.ipv4.conf.all.send_redirects=0 - You may also want to consider enabling this permanently in ``/etc/sysctl.conf`` - as demonstrated `here `_. +    You may also want to consider enabling this permanently in ``/etc/sysctl.conf`` or a newly created ``/etc/sysctl.d/mitmproxy.conf``, see `here `__. 4. Create an iptables ruleset that redirects the desired traffic to the mitmproxy port. Details will differ according to your setup, but the 
@@ -29,8 +29,10 @@ achieve transparent mode. .. code-block:: none iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 - iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080 - + iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080 + +    You may also want to consider enabling this permanently with the ``iptables-persistent`` package, see `here `__. + 5. Fire up mitmproxy. You probably want a command like this: >>> mitmproxy -T --host @@ -43,23 +45,3 @@ achieve transparent mode. For a detailed walkthrough, have a look at the :ref:`transparent-dhcp` tutorial. - -Debain -====== - -To make the changes permanent on on Debian (inc ubuntu and raspbian) -systems: - - 1. Write the sysctl changes to a new config file at (for example) /etc/sysctl.d/mitm.conf - - .. code-block:: none - - net.ipv4.ip_forward = 1 - net.ipv4.conf.all.accept_redirects = 0 - net.ipv4.conf.all.send_redirects = 0 - - If your system doesn't have a directory /etc/sysctl.d you can instead add the rule to the end of /etc/sysctl.conf - - 2. To make iptables changes persistent, install the package iptables-persistent: - - >>> sudo apt-get install iptables-persistent -- cgit v1.2.3
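Review bot: in step 3 of the first hunk, setting only `net.ipv4.conf.all.send_redirects=0` does not cover what the removed `echo 0 | sudo tee /proc/sys/net/ipv4/conf/*/send_redirects` covered. The kernel sends redirects on an interface when either the `all` value or that interface's own value is set, so an interface whose own `send_redirects` is still 1 keeps sending them. Suggest also setting the per-interface key (for example `net.ipv4.conf.eth0.send_redirects=0`, matching the `eth0` used in step 4) and `net.ipv4.conf.default.send_redirects=0`, or keeping the wildcard write. The two new commands also drop the `sudo` the old line had, and the sentence that follows says "enabling this permanently" for settings that are being disabled.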
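Review bot: the sentence added after the iptables block in the second hunk names ``iptables-persistent`` without saying it is a Debian-family package, a scope the section removed at the end of this patch stated explicitly. Suggest wording along the lines of "On Debian-based systems the ruleset can be made persistent with the ``iptables-persistent`` package", which also avoids "enabling this permanently" for a set of rules. The added line's leading whitespace differs from the other added sentence in step 2, so check that it still renders as part of list item 4.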
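Review bot: the section removed in the last hunk was the only place that showed the complete persistent sysctl configuration (`net.ipv4.ip_forward = 1`, `net.ipv4.conf.all.accept_redirects = 0`, `net.ipv4.conf.all.send_redirects = 0`) and the `sudo apt-get install iptables-persistent` command. After this change the steps only point to links for both. Suggest keeping the three-line snippet in step 3 as the suggested contents of ``/etc/sysctl.d/mitmproxy.conf``, so the page still works without following the links.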