transproxy(8) | General Use Manual | transproxy(8) |
transproxy - program to start transproxy mode in Linux kernel
Usage: transproxy
transproxy is a POSIX shell script that starts transparent proxy mode in the Linux kernel for use with hunt.
Make sure you have compiled the kernel with transproxy support (you have to enable the IP_FIREWALL, ALWAYS_DEFRAGMENT and IP_TRANSPARENT_PROXY options when you compile the kernel) and have iptables installed.
The script contains two variables that control on which port it listens and to which port the traffic will be redirected.
The default destination port is 7000 and the redirect port is 7044. To change these and other values, see the USAGE section below.
DST_PORT is the port to which ordinary clients (source hosts) try to connect.
DST_PORT_PROXY is the port to which the data are redirected and on which the transproxy user program listens; that program does all the black magic with the data stream.
Before using the transproxy program, edit the script file at /usr/sbin/transproxy.
You need to set some parameters. We recommend that you use the program 'iptables' to manipulate 'netfilter', the Linux kernel packet filter, which is supported and documented in Debian. The programs used by upstream, 'ipchains' and 'ipfwadm', have not been present in Debian since 2006: 'ipfwadm' was the packet filter of Linux kernel 2.0, 'ipchains' was its total replacement in Linux kernel 2.2, and 'iptables' over 'netfilter' has replaced 'ipchains' completely since kernel 2.4. 'ipchains' and 'ipfwadm' therefore do not exist in current Linux kernel versions and no longer serve any purpose.
/usr/sbin/transproxy
HOW IT WORKS TOGETHER - HUNT/TRANSPROXY/TPSERV
Here is a small example of how to use hunt, transproxy and tpserv together.
1. At the beginning run tpsetup/transproxy program.
The default destination port is 7000 and redirecting port is 7044.
2. Run tpserv/tpserv -v (or -vv).
3. Run hunt and enter the arp spoof daemon menu. Do not start the daemon unless
you modify the tpsetup/transproxy script. Use "i" to insert the single arp spoof
in this order:
- IP address (name) of your gateway or IP address (name) of destination
host if the host is in the same IP subnet as source host.
- as fake mac address enter 'my' or enter your interface MAC address.
- enter IP address (name) of source host (client) from which you want
to receive data - connections.
- optionally enter refresh interval.
Use "t" to test if the spoof was successful.
4. From the source host try to run telnet 1.1.1.1 7000 (or telnet
destination_name 7000) and type some chars. The chars should be echoed back
by the tpserv program.
You can then play a little bit with the DST_PORT setting in the setup/transproxy script
and/or -c option of tpserv program or change tpserv to modify data going
from/to source/destination.
transproxy was written by Pavel Krauz <kra@gncz.cz>.
This manual page was written by Braulio Henrique Marques Souto <braulio@disroot.org> for the Debian project (but may be used by others).
05 October 2022 | transproxy-0.1 |