From 3db38c992ac51ff7d9a5764fe4e8aa202212c019 Mon Sep 17 00:00:00 2001 From: Brian May Date: Tue, 15 Dec 2015 14:23:19 +1100 Subject: [PATCH] Replace numbered points with dot points. --- README.rst | 48 ++++++++++++++++++++++++------------------------ 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/README.rst b/README.rst index bd64a10..5deb8ec 100644 --- a/README.rst +++ b/README.rst @@ -72,39 +72,39 @@ later. There are some things you need to consider for TPROXY to work: -1. The following commands need to be run first as root. This only needs to be - done once after booting up:: +- The following commands need to be run first as root. This only needs to be + done once after booting up:: - ip route add local default dev lo table 100 - ip rule add fwmark 1 lookup 100 - ip -6 route add local default dev lo table 100 - ip -6 rule add fwmark 1 lookup 100 + ip route add local default dev lo table 100 + ip rule add fwmark 1 lookup 100 + ip -6 route add local default dev lo table 100 + ip -6 rule add fwmark 1 lookup 100 -2. The client needs to be run as root. e.g.:: +- The client needs to be run as root. e.g.:: - sudo SSH_AUTH_SOCK="$SSH_AUTH_SOCK" $HOME/tree/sshuttle.tproxy/sshuttle --method=tproxy ... + sudo SSH_AUTH_SOCK="$SSH_AUTH_SOCK" $HOME/tree/sshuttle.tproxy/sshuttle --method=tproxy ... -3. You may need to exclude the IP address of the server you are connecting to. - Otherwise sshuttle may attempt to intercept the ssh packets, which will not - work. Use the `--exclude` parameter for this. +- You may need to exclude the IP address of the server you are connecting to. + Otherwise sshuttle may attempt to intercept the ssh packets, which will not + work. Use the `--exclude` parameter for this. -4. Similarly, UDP return packets (including DNS) could get intercepted and - bounced back. This is the case if you have a broad subnet such as - ``0.0.0.0/0`` that includes the IP address of the client. Use the - `--exclude` parameter for this. +- Similarly, UDP return packets (including DNS) could get intercepted and + bounced back. This is the case if you have a broad subnet such as + ``0.0.0.0/0`` that includes the IP address of the client. Use the + `--exclude` parameter for this. -5. You do need the `--method=tproxy` parameter, as above. +- You do need the `--method=tproxy` parameter, as above. -6. The routes for the outgoing packets must already exist. For example, if your - connection does not have IPv6 support, no IPv6 routes will exist, IPv6 - packets will not be generated and sshuttle cannot intercept them:: +- The routes for the outgoing packets must already exist. For example, if your + connection does not have IPv6 support, no IPv6 routes will exist, IPv6 + packets will not be generated and sshuttle cannot intercept them:: - telnet -6 www.google.com 80 - Trying 2404:6800:4001:805::1010... - telnet: Unable to connect to remote host: Network is unreachable + telnet -6 www.google.com 80 + Trying 2404:6800:4001:805::1010... + telnet: Unable to connect to remote host: Network is unreachable - Add some dummy routes to external interfaces. Make sure they get removed - however after sshuttle exits. + Add some dummy routes to external interfaces. Make sure they get removed + however after sshuttle exits. Obtaining sshuttle