- - sysctl:
- name: net.ipv4.ip_forward
- value: 1
- sysctl_set: yes
- - sysctl:
- name: net.ipv6.conf.all.forwarding
- value: 1
- sysctl_set: yes
- - sysctl:
- name: net.ipv4.conf.all.send_redirects
- value: 0
- sysctl_set: yes
-
- - name: "Allow MITM private port"
- iptables:
- chain: INPUT
- action: insert
- rule_num: 10
- protocol: tcp
- destination_port: "{{ mitm_port }}"
- ctstate: NEW
- syn: match
- jump: ACCEPT
- comment: Accept new local TCP DNS connections on private port
- become: yes
-
- - name: Route port 80 through mitmproxy
- iptables:
- table: nat
- chain: PREROUTING
- action: insert
- rule_num: 1
- protocol: tcp
- destination_port: 80
- jump: REDIRECT
- to_ports: "{{ mitm_port }}"
-
- - name: Route port 443 through mitmproxy
- iptables:
- table: nat
- chain: PREROUTING
- action: insert
- rule_num: 2
- protocol: tcp
- destination_port: 443
- jump: REDIRECT
- to_ports: "{{ mitm_port }}"
-
- - name: save iptables rules
- shell: iptables-save > /etc/iptables/rules.v4
- become: yes
-
- - name: save iptables v6 rules
- shell: ip6tables-save > /etc/iptables/rules.v6
- become: yes