diff options
| author | Brian May <brian@linuxpenguins.xyz> | 2015-12-15 14:26:39 +1100 |
|---|---|---|
| committer | Brian May <brian@linuxpenguins.xyz> | 2015-12-15 14:26:39 +1100 |
| commit | e433c599e40bc47c7b0e4d16934815c84b26eea8 (patch) | |
| tree | 5eb88a6b600cdc2b37284e360beabbaea190babf | |
| parent | ba60d22478252ce3aa235a1a42a9b3bbab7fd3c2 (diff) | |
IPv6 routes must be added manually
| -rw-r--r-- | README.rst | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -80,6 +80,9 @@ There are some things you need to consider for TPROXY to work: ip -6 route add local default dev lo table 100 ip -6 rule add fwmark 1 lookup 100 +- The --auto-nets feature does not detect IPv6 routes automatically. Add IPv6 + routes manually. e.g. by adding '::/0' to the end of the command line. + - The client needs to be run as root. e.g.:: sudo SSH_AUTH_SOCK="$SSH_AUTH_SOCK" $HOME/tree/sshuttle.tproxy/sshuttle --method=tproxy ... @@ -90,7 +93,7 @@ There are some things you need to consider for TPROXY to work: - Similarly, UDP return packets (including DNS) could get intercepted and bounced back. This is the case if you have a broad subnet such as - ``0.0.0.0/0`` that includes the IP address of the client. Use the + ``0.0.0.0/0`` or ``::/0`` that includes the IP address of the client. Use the `--exclude` parameter for this. - You do need the `--method=tproxy` parameter, as above. |