diff options
| author | Brian May <brian@linuxpenguins.xyz> | 2015-12-15 14:23:19 +1100 |
|---|---|---|
| committer | Brian May <brian@linuxpenguins.xyz> | 2015-12-15 14:23:19 +1100 |
| commit | 3db38c992ac51ff7d9a5764fe4e8aa202212c019 (patch) | |
| tree | 3a0675d2d0289f27c05f4a4d68279cb7db28087e /README.rst | |
| parent | 1e81bf3dfc125bab97a81c4070d7f95c7d2cf212 (diff) | |
Replace numbered points with dot points.
Diffstat (limited to 'README.rst')
| -rw-r--r-- | README.rst | 48 |
1 files changed, 24 insertions, 24 deletions
@@ -72,39 +72,39 @@ later. There are some things you need to consider for TPROXY to work: -1. The following commands need to be run first as root. This only needs to be - done once after booting up:: +- The following commands need to be run first as root. This only needs to be + done once after booting up:: - ip route add local default dev lo table 100 - ip rule add fwmark 1 lookup 100 - ip -6 route add local default dev lo table 100 - ip -6 rule add fwmark 1 lookup 100 + ip route add local default dev lo table 100 + ip rule add fwmark 1 lookup 100 + ip -6 route add local default dev lo table 100 + ip -6 rule add fwmark 1 lookup 100 -2. The client needs to be run as root. e.g.:: +- The client needs to be run as root. e.g.:: - sudo SSH_AUTH_SOCK="$SSH_AUTH_SOCK" $HOME/tree/sshuttle.tproxy/sshuttle --method=tproxy ... + sudo SSH_AUTH_SOCK="$SSH_AUTH_SOCK" $HOME/tree/sshuttle.tproxy/sshuttle --method=tproxy ... -3. You may need to exclude the IP address of the server you are connecting to. - Otherwise sshuttle may attempt to intercept the ssh packets, which will not - work. Use the `--exclude` parameter for this. +- You may need to exclude the IP address of the server you are connecting to. + Otherwise sshuttle may attempt to intercept the ssh packets, which will not + work. Use the `--exclude` parameter for this. -4. Similarly, UDP return packets (including DNS) could get intercepted and - bounced back. This is the case if you have a broad subnet such as - ``0.0.0.0/0`` that includes the IP address of the client. Use the - `--exclude` parameter for this. +- Similarly, UDP return packets (including DNS) could get intercepted and + bounced back. This is the case if you have a broad subnet such as + ``0.0.0.0/0`` that includes the IP address of the client. Use the + `--exclude` parameter for this. -5. You do need the `--method=tproxy` parameter, as above. +- You do need the `--method=tproxy` parameter, as above. -6. The routes for the outgoing packets must already exist. For example, if your - connection does not have IPv6 support, no IPv6 routes will exist, IPv6 - packets will not be generated and sshuttle cannot intercept them:: +- The routes for the outgoing packets must already exist. For example, if your + connection does not have IPv6 support, no IPv6 routes will exist, IPv6 + packets will not be generated and sshuttle cannot intercept them:: - telnet -6 www.google.com 80 - Trying 2404:6800:4001:805::1010... - telnet: Unable to connect to remote host: Network is unreachable + telnet -6 www.google.com 80 + Trying 2404:6800:4001:805::1010... + telnet: Unable to connect to remote host: Network is unreachable - Add some dummy routes to external interfaces. Make sure they get removed - however after sshuttle exits. + Add some dummy routes to external interfaces. Make sure they get removed + however after sshuttle exits. Obtaining sshuttle |