<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"><head><meta content="text/html; charset=utf-8" http-equiv="Content-Type"/> <link href="../01-bootstrap.min.css" type="text/css" rel="StyleSheet"/> <link href="../02-docstyle.css" type="text/css" rel="StyleSheet"/> <link href="../syntax.css" type="text/css" rel="StyleSheet"/> <title>mitmproxy 0.9 - Linux</title></head><body><div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container"> <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </a> <a class="brand" href="../index.html">mitmproxy 0.9 docs</a> </div><!--/.nav-collapse --> </div> </div> </div> <div class="container"> <div class="row"> <div class="span3"> <div class="well sidebar-nav"> <ul class="nav nav-list"> <li><a href="../index.html">Introduction</a></li> <li><a href="../install.html">Installation</a></li> <li><a href="../howmitmproxy.html">How mitmproxy works</a></li> <li class="nav-header">Tools</li> <li><a href="../mitmproxy.html">mitmproxy</a></li> <li><a href="../mitmdump.html">mitmdump</a></li> <li class="nav-header">Features</li> <li><a href="../features/anticache.html">Anticache</a></li> <li><a href="../features/clientreplay.html">Client-side replay</a></li> <li><a href="../features/filters.html">Filter expressions</a></li> <li><a href="../features/proxyauth.html">Proxy Authentication</a></li> <li><a href="../features/replacements.html">Replacements</a></li> <li><a href="../features/serverreplay.html">Server-side replay</a></li> <li><a href="../features/setheaders.html">Set Headers</a></li> <li><a href="../features/sticky.html">Sticky cookies and auth</a></li> <li><a href="../features/reverseproxy.html">Reverse proxy mode</a></li> <li><a href="../features/upstreamcerts.html">Upstream Certs</a></li> <li class="nav-header">Installing Certificates</li> <li><a href="../ssl.html">Overview</a></li> <li><a href="../certinstall/firefox.html">Firefox</a></li> <li><a href="../certinstall/osx.html">OSX</a></li> <li><a href="../certinstall/windows7.html">Windows 7</a></li> <li><a href="../certinstall/ios.html">IOS</a></li> <li><a href="../certinstall/ios-simulator.html">IOS Simulator</a></li> <li><a href="../certinstall/android.html">Android</a></li> <li class="nav-header">Transparent Proxying</li> <li><a href="../transparent.html">Overview</a></li> <li class="active"><a href="linux.html">Linux</a></li> <li><a href="osx.html">OSX</a></li> <li class="nav-header">Tutorials</li> <li><a href="../tutorials/30second.html">Client playback: a 30 second example</a></li> <li><a href="../tutorials/gamecenter.html">Setting highscores on Apple's GameCenter</a></li> <li class="nav-header">Scripting mitmproxy</li> <li><a href="../scripting/inlinescripts.html">Inline Scripts</a></li> <li><a href="../scripting/libmproxy.html">libmproxy</a></li> <li class="nav-header">Hacking</li> <li><a href="../dev/testing.html">Testing</a></li> </ul> </div> </div> <div class="span9"> <div class="page-header"> <h1>Linux</h1> </div> <p>On Linux, mitmproxy integrates with the iptables redirection mechanism to achieve transparent mode.</p> <ol class="tlist"> <li> <a href="../ssl.html">Install the mitmproxy certificates on the test device</a>. </li> <li> Enable IP forwarding: <pre class="terminal">sysctl -w net.ipv4.ip_forward=1</pre> You may also want to consider enabling this permanently in <b>/etc/sysctl.conf</b>. </li> <li> Create an iptables ruleset that redirects the desired traffic to the mitmproxy port. Details will differ according to your setup, but the ruleset should look something like this: <pre class="terminal">iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080</pre> </li> <li> Fire up mitmproxy. You probably want a command like this: <pre class="terminal">mitmproxy -T --host</pre> The <b>-T</b> flag turns on transparent mode, and the <b>--host</b> argument tells mitmproxy to use the value of the Host header for URL display. </li> <li> Finally, configure your test device to use the host on which mitmproxy is running as the default gateway.</li> </ol> </div> </div> <hr> <footer> <p>© mitmproxy project, 2013</p> </footer> </div> </body></html>