diff options
| author | Aldo Cortesi <aldo@corte.si> | 2018-02-22 20:48:17 +1300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-02-22 20:48:17 +1300 |
| commit | 443409e32bcc28a7f0475d7af42efff03473b72f (patch) | |
| tree | 9d749a57929a950f0e177a9bf4d6cd7d9a88c16b /docs/transparent/linux.rst | |
| parent | 1cacefa104626e4e0df5ffb2aa8b0c6f16b615b2 (diff) | |
| parent | 982508d30f887b4fe8b2a855792ae1e33f378222 (diff) | |
| download | mitmproxy-443409e32bcc28a7f0475d7af42efff03473b72f.tar.gz mitmproxy-443409e32bcc28a7f0475d7af42efff03473b72f.tar.bz2 mitmproxy-443409e32bcc28a7f0475d7af42efff03473b72f.zip | |
Merge pull request #2890 from mitmproxy/newdocs
All new documentation
Diffstat (limited to 'docs/transparent/linux.rst')
| -rw-r--r-- | docs/transparent/linux.rst | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/docs/transparent/linux.rst b/docs/transparent/linux.rst deleted file mode 100644 index 14f6a165..00000000 --- a/docs/transparent/linux.rst +++ /dev/null @@ -1,49 +0,0 @@ -.. _linux: - -Linux -===== - -On Linux, mitmproxy integrates with the iptables redirection mechanism to -achieve transparent mode. - - 1. :ref:`Install the mitmproxy certificate on the test device <certinstall>` - - 2. Enable IP forwarding: - - >>> sysctl -w net.ipv4.ip_forward=1 - >>> sysctl -w net.ipv6.conf.all.forwarding=1 - - You may also want to consider enabling this permanently in ``/etc/sysctl.conf`` or newly created ``/etc/sysctl.d/mitmproxy.conf``, see `here <https://superuser.com/a/625852>`__. - - 3. If your target machine is on the same physical network and you configured it to use a custom - gateway, disable ICMP redirects: - - >>> sysctl -w net.ipv4.conf.all.send_redirects=0 - - You may also want to consider enabling this permanently in ``/etc/sysctl.conf`` or a newly created ``/etc/sysctl.d/mitmproxy.conf``, see `here <https://superuser.com/a/625852>`__. - - 4. Create an iptables ruleset that redirects the desired traffic to the - mitmproxy port. Details will differ according to your setup, but the - ruleset should look something like this: - - .. code-block:: none - - iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 - iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080 - ip6tables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 - ip6tables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080 - - You may also want to consider enabling this permanently with the ``iptables-persistent`` package, see `here <http://www.microhowto.info/howto/make_the_configuration_of_iptables_persistent_on_debian.html>`__. - - 5. Fire up mitmproxy. You probably want a command like this: - - >>> mitmproxy -T --host - - The ``-T`` flag turns on transparent mode, and the ``--host`` - argument tells mitmproxy to use the value of the Host header for URL display. - - 6. Finally, configure your test device to use the host on which mitmproxy is - running as the default gateway. - - -For a detailed walkthrough, have a look at the :ref:`transparent-dhcp` tutorial. |