Magic-Mirror/mitmproxy
1
0
Fork 0
mirror of https://github.com/mitmproxy/mitmproxy.git synced 2024-11-23 13:19:48 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

cleanup transparent linux docs

Browse Source
This commit is contained in:
Thomas Kriechbaumer 2017-12-21 10:44:30 +01:00
parent 907ef4a02c
commit e1f4d17ea7
1 changed files with 8 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
docs/transparent/linux.rst
View File

@ -12,15 +12,15 @@ achieve transparent mode.
>>> sysctl -w net.ipv4.ip_forward=1
You may also want to consider enabling this permanently in ``/etc/sysctl.conf``.
You may also want to consider enabling this permanently in ``/etc/sysctl.conf`` or newly created ``/etc/sysctl.d/mitmproxy.conf``, see `here <https://superuser.com/a/625852>`__.
3. If your target machine is on the same physical network and you configured it to use a custom
gateway, disable ICMP redirects:
>>> echo 0 | sudo tee /proc/sys/net/ipv4/conf/*/send_redirects
>>> sysctl -w net.ipv4.conf.all.accept_redirects=0
>>> sysctl -w net.ipv4.conf.all.send_redirects=0
You may also want to consider enabling this permanently in ``/etc/sysctl.conf``
as demonstrated `here <https://unix.stackexchange.com/a/58081>`_.
   You may also want to consider enabling this permanently in ``/etc/sysctl.conf`` or a newly created ``/etc/sysctl.d/mitmproxy.conf``, see `here <https://superuser.com/a/625852>`__.
4. Create an iptables ruleset that redirects the desired traffic to the
mitmproxy port. Details will differ according to your setup, but the
@ -29,8 +29,10 @@ achieve transparent mode.
.. code-block:: none
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080
   You may also want to consider enabling this permanently with the ``iptables-persistent`` package, see `here <http://www.microhowto.info/howto/make_the_configuration_of_iptables_persistent_on_debian.html>`__.
5. Fire up mitmproxy. You probably want a command like this:
>>> mitmproxy -T --host
@ -43,23 +45,3 @@ achieve transparent mode.
For a detailed walkthrough, have a look at the :ref:`transparent-dhcp` tutorial.
Debain
======
To make the changes permanent on on Debian (inc ubuntu and raspbian)
systems:
1. Write the sysctl changes to a new config file at (for example) /etc/sysctl.d/mitm.conf
.. code-block:: none
net.ipv4.ip_forward = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
If your system doesn't have a directory /etc/sysctl.d you can instead add the rule to the end of /etc/sysctl.conf
2. To make iptables changes persistent, install the package iptables-persistent:
>>> sudo apt-get install iptables-persistent