NAME
  transproxy - program to start transproxy mode in Linux kernel

SYNOPSIS
  Usage: transproxy

DESCRIPTION
  transproxy is a program to start transparent proxy mode in Linux kernel for
  use with hunt, and the program is a POSIX shell script file.

  Make sure you have compiled the kernel with transproxy support (you have to
  enable IP_FIREWALL option and ALWAYS_DEFRAGMENT and IP_TRANSPARENT_PROXY
  options when you compile the kernel) and have iptables installed.

  The script contains two variables that control on which port it listens and to
  which port the traffic will be redirected.

  The default destination port is 7000 and the redirect port is 7044, to change
  these and other values, see below in the USAGE section for more information.

  The DST_PORT is the port to which ordinary clients (source hosts) tries to
  connect.

  The DST_PORT_PROXY is the port to which the data are redirected and on which
  listens transproxy user program that does all the black magic with data stream.

USAGE
  Before using the transproxy program, edit the file script at /usr/sbin/transproxy.

  You need to set some parameters and we recommend that in Linux kernel you use
  the program 'iptables' to manipulate the 'netfilter' package filter which is
  supported and documented in Debian, while the programs placed by upstream
  'ipchains' and 'ipfwadm' are no longer present in Debian since 2006, because
  'ipfwadm' was the package filter of Linux kernel 2.0 and 'ipchains' was its
  total replacement in Linux kernel 2.2, and then 'iptables' over 'netfilter'
  came to replace 'ipchains' completely since kernel 2.4, so 'ipchains' and
  'ipfwadm' don't exist in the current Linux kernel versions and don't serve any
  purpose anymore.

FILES
  /usr/sbin/transproxy

EXAMPLES

 HOW IT WORKS TOGETHER - HUNT/TRANSPROXY/TPSERV

  Here is small example how to use together hunt, transproxy and tpserv.

  1. At the beginning run tpsetup/transproxy program.
     The default destination port is 7000 and redirecting port is 7044.

  2. Run tpserv/tpserv -v (or -vv).

  3. Run hunt and enter arp spoof daemon menu. Do not start the daemon unless
     you modify the tpsetup/transproxy script "i" insert the single arp spoof
     in this order:
          - IP address (name) of your gateway or IP address (name) of destination
            host if the host is in the same IP subnet as source host.
          - as fake mac address enter 'my' or enter your interface MAC address.
          - enter IP address (name) of source host (client) from which you want
            to receive data - connections.
          - optionally enter refresh interval "t" test if the spoof was successful.

  4. from the source host try to run telnet 1.1.1.1 7000 (or telnet
     destination_name 7000) and type some chars. The chars should be echoed back
     by tpserv program.

  You can then play little bit with DST_PORT setting in setup/transproxy script
  and/or -c option of tpserv program or change tpserv to modify data going
  from/to source/destination.

SEE ALSO
  hunt(8), tpserv(8)

AUTHOR
  transproxy was written by Pavel Krauz <kra@gncz.cz>.

  This manual page was written by Braulio Henrique Marques Souto
  <braulio@disroot.org> for the Debian project (but may be used by others).
