NAME

       transproxy - program to start transproxy mode in Linux kernel

SYNOPSIS

       Usage: transproxy

DESCRIPTION

       transproxy is a program to start transparent proxy mode in Linux kernel for use with hunt,
       and the program is a POSIX shell script file.

       Make sure you have compiled the  kernel  with  transproxy  support  (you  have  to  enable
       IP_FIREWALL option and ALWAYS_DEFRAGMENT and IP_TRANSPARENT_PROXY options when you compile
       the kernel) and have iptables installed.

       The script contains two variables that control on which port it listens and to which  port
       the traffic will be redirected.

       The  default  destination  port is 7000 and the redirect port is 7044, to change these and
       other values, see below in the USAGE section for more information.

       The DST_PORT is the port to which ordinary clients (source hosts) tries to connect.

       The DST_PORT_PROXY is the port to which the data  are  redirected  and  on  which  listens
       transproxy user program that does all the black magic with data stream.

USAGE

       Before using the transproxy program, edit the file script at /usr/sbin/transproxy.

       You  need to set some parameters and we recommend that in Linux kernel you use the program
       'iptables' to manipulate the 'netfilter' package filter which is supported and  documented
       in  Debian,  while  the programs placed by upstream ’ipchains' and 'ipfwadm' are no longer
       present in Debian since 2006, because ’ipfwadm' was the package filter of Linux kernel 2.0
       and  'ipchains'  was  its  total replacement in Linux kernel 2.2, and then 'iptables' over
       'netfilter' came to replace 'ipchains' completely since  kernel  2.4,  so  'ipchains'  and
       ’ipfwadm'  don't  exist  in  the current Linux kernel versions and don't serve any purpose
       anymore.

FILES

       /usr/sbin/transproxy

EXAMPLES

       HOW IT WORKS TOGETHER - HUNT/TRANSPROXY/TPSERV

         Here is small example how to use together hunt, transproxy and tpserv.

         1. At the beginning run tpsetup/transproxy program.
            The default destination port is 7000 and redirecting port is 7044.

         2. Run tpserv/tpserv -v (or -vv).

         3. Run hunt and enter arp spoof daemon menu. Do not start the daemon unless
            you modify the tpsetup/transproxy script "i" insert the single arp spoof
            in this order:
                 - IP address (name) of your gateway or IP address (name) of destination
                   host if the host is in the same IP subnet as source host.
                 - as fake mac address enter 'my' or enter your interface MAC address.
                 - enter IP address (name) of source host (client) from which you want
                   to receive data - connections.
                 - optionally enter refresh interval "t" test if the spoof was successful.

         4. from the source host try to run telnet 1.1.1.1 7000 (or telnet
            destination_name 7000) and type some chars. The chars should be echoed back
            by tpserv program.

         You can then play little bit with DST_PORT setting in setup/transproxy script
         and/or -c option of tpserv program or change tpserv to modify data going
         from/to source/destination.

SEE ALSO

       hunt(8), tpserv(8)

AUTHOR

       transproxy was written by Pavel Krauz <kra@gncz.cz>.

       This manual page was written by Braulio Henrique Marques Souto  <braulio@disroot.org>  for
       the Debian project (but may be used by others).