NAME

       transproxy - program to start transproxy mode in Linux kernel

SYNOPSIS

       Usage: transproxy

DESCRIPTION

       transproxy  is  a  program  to  start  transparent  proxy mode in Linux kernel for use with hunt, and the
       program is a POSIX shell script file.

       Make sure you have compiled the kernel with transproxy support (you have to enable IP_FIREWALL option and
       ALWAYS_DEFRAGMENT and IP_TRANSPARENT_PROXY options  when  you  compile  the  kernel)  and  have  iptables
       installed.

       The  script  contains  two  variables that control on which port it listens and to which port the traffic
       will be redirected.

       The default destination port is 7000 and the redirect port is 7044, to change these and other values, see
       below in the USAGE section for more information.

       The DST_PORT is the port to which ordinary clients (source hosts) tries to connect.

       The DST_PORT_PROXY is the port to which the data are redirected and  on  which  listens  transproxy  user
       program that does all the black magic with data stream.

USAGE

       Before using the transproxy program, edit the file script at /usr/sbin/transproxy.

       You  need  to set some parameters and we recommend that in Linux kernel you use the program 'iptables' to
       manipulate the 'netfilter' package filter which is supported and documented in Debian, while the programs
       placed by upstream ’ipchains' and 'ipfwadm' are no longer present in Debian since 2006, because ’ipfwadm'
       was the package filter of Linux kernel 2.0 and 'ipchains' was its total replacement in Linux kernel  2.2,
       and  then  'iptables'  over  'netfilter'  came  to  replace  'ipchains'  completely  since kernel 2.4, so
       'ipchains' and ’ipfwadm' don't exist in the current Linux kernel versions and  don't  serve  any  purpose
       anymore.

FILES

       /usr/sbin/transproxy

EXAMPLES

       HOW IT WORKS TOGETHER - HUNT/TRANSPROXY/TPSERV

         Here is small example how to use together hunt, transproxy and tpserv.

         1. At the beginning run tpsetup/transproxy program.
            The default destination port is 7000 and redirecting port is 7044.

         2. Run tpserv/tpserv -v (or -vv).

         3. Run hunt and enter arp spoof daemon menu. Do not start the daemon unless
            you modify the tpsetup/transproxy script "i" insert the single arp spoof
            in this order:
                 - IP address (name) of your gateway or IP address (name) of destination
                   host if the host is in the same IP subnet as source host.
                 - as fake mac address enter 'my' or enter your interface MAC address.
                 - enter IP address (name) of source host (client) from which you want
                   to receive data - connections.
                 - optionally enter refresh interval "t" test if the spoof was successful.

         4. from the source host try to run telnet 1.1.1.1 7000 (or telnet
            destination_name 7000) and type some chars. The chars should be echoed back
            by tpserv program.

         You can then play little bit with DST_PORT setting in setup/transproxy script
         and/or -c option of tpserv program or change tpserv to modify data going
         from/to source/destination.

SEE ALSO

       hunt(8), tpserv(8)

AUTHOR

       transproxy was written by Pavel Krauz <kra@gncz.cz>.

       This  manual  page  was  written  by  Braulio Henrique Marques Souto <braulio@disroot.org> for the Debian
       project (but may be used by others).

transproxy-0.1                                   05 October 2022                                   transproxy(8)