diff options
| author | Brian May <brian@linuxpenguins.xyz> | 2016-01-20 20:55:10 +1100 |
|---|---|---|
| committer | Brian May <brian@linuxpenguins.xyz> | 2016-01-20 20:55:10 +1100 |
| commit | ee26157faacd15047f1707648792805619e541ea (patch) | |
| tree | 0cc6231b2dc61c41e5800780a65bbb510d6491ea /docs/usage.rst | |
| parent | 0bdfb883aa2e7bb2ea9bfb1f8e53b7cba022b875 (diff) | |
Add Windows documentation
Copied from https://coderwall.com/p/adfxgw/sshuttle-on-windows
Closes #64
Diffstat (limited to 'docs/usage.rst')
| -rw-r--r-- | docs/usage.rst | 48 |
1 files changed, 6 insertions, 42 deletions
diff --git a/docs/usage.rst b/docs/usage.rst index ee4a8db..bf387c6 100644 --- a/docs/usage.rst +++ b/docs/usage.rst @@ -1,5 +1,11 @@ Usage ===== + +.. note:: + + For information on usage with Windows, see the :doc:`windows` section. + For information on using the TProxy method, see the :doc:`tproxy` section. + - Forward all traffic:: sshuttle -r username@sshserver 0.0.0.0/0 @@ -51,45 +57,3 @@ the data back and forth through ssh. Fun, right? A poor man's instant VPN, and you don't even have to have admin access on the server. -Additional information for TPROXY ---------------------------------- -TPROXY is the only method that supports full support of IPv6 and UDP. - -There are some things you need to consider for TPROXY to work: - -- The following commands need to be run first as root. This only needs to be - done once after booting up:: - - ip route add local default dev lo table 100 - ip rule add fwmark 1 lookup 100 - ip -6 route add local default dev lo table 100 - ip -6 rule add fwmark 1 lookup 100 - -- The ``--auto-nets`` feature does not detect IPv6 routes automatically. Add IPv6 - routes manually. e.g. by adding ``'::/0'`` to the end of the command line. - -- The client needs to be run as root. e.g.:: - - sudo SSH_AUTH_SOCK="$SSH_AUTH_SOCK" $HOME/tree/sshuttle.tproxy/sshuttle --method=tproxy ... - -- You may need to exclude the IP address of the server you are connecting to. - Otherwise sshuttle may attempt to intercept the ssh packets, which will not - work. Use the ``--exclude`` parameter for this. - -- Similarly, UDP return packets (including DNS) could get intercepted and - bounced back. This is the case if you have a broad subnet such as - ``0.0.0.0/0`` or ``::/0`` that includes the IP address of the client. Use the - ``--exclude`` parameter for this. - -- You need the ``--method=tproxy`` parameter, as above. - -- The routes for the outgoing packets must already exist. For example, if your - connection does not have IPv6 support, no IPv6 routes will exist, IPv6 - packets will not be generated and sshuttle cannot intercept them:: - - telnet -6 www.google.com 80 - Trying 2404:6800:4001:805::1010... - telnet: Unable to connect to remote host: Network is unreachable - - Add some dummy routes to external interfaces. Make sure they get removed - however after sshuttle exits. |