Commit c03168042f6d9e39956a2e0d41763077baf38aec
Added IPv6 transparent proxying instructions
Yves Rutschle committed on 12/31/2014, 1:53:59 PMParent: 2705426f630f6e62f738ff35da68c91824fe6bbd
Files changed
| README.md | changed |
| README.md | ||
|---|---|---|
| @@ -242,8 +242,18 @@ | ||
| 242 | 242 | # iptables -t mangle -A SSLH --jump ACCEPT |
| 243 | 243 | # ip rule add fwmark 0x1 lookup 100 |
| 244 | 244 | # ip route add local 0.0.0.0/0 dev lo table 100 |
| 245 | 245 | |
| 246 | +Tranparent proxying with IPv6 is similarly set up as follows: | |
| 247 | + | |
| 248 | + # ip6tables -t mangle -N SSLH | |
| 249 | + # ip6tables -t mangle -A OUTPUT --protocol tcp --out-interface eth0 --sport 22 --jump SSLH | |
| 250 | + # ip6tables -t mangle -A OUTPUT --protocol tcp --out-interface eth0 --sport 4443 --jump SSLH | |
| 251 | + # ip6tables -t mangle -A SSLH --jump MARK --set-mark 0x1 | |
| 252 | + # ip6tables -t mangle -A SSLH --jump ACCEPT | |
| 253 | + # ip -6 rule add fwmark 0x1 lookup 100 | |
| 254 | + # ip -6 route add local ::/0 dev lo table 100 | |
| 255 | + | |
| 246 | 256 | FreeBSD: |
| 247 | 257 | |
| 248 | 258 | Given you have no firewall defined yet, you can use the following configuration |
| 249 | 259 | to have ipfw properly redirect traffic back to sslh |
Built with git-ssb-web