|
|
@@ -14,43 +14,22 @@ |
|
|
|
value: 0 |
|
|
|
sysctl_set: yes |
|
|
|
|
|
|
|
- name: Allow MITM private port |
|
|
|
iptables: |
|
|
|
chain: INPUT |
|
|
|
action: insert |
|
|
|
rule_num: 10 |
|
|
|
protocol: tcp |
|
|
|
destination_port: "{{ mitm_port }}" |
|
|
|
ctstate: NEW |
|
|
|
syn: match |
|
|
|
jump: ACCEPT |
|
|
|
comment: Accept new local TCP DNS connections on private port |
|
|
|
become: yes |
|
|
|
tags: algo_related |
|
|
|
|
|
|
|
- name: Setup for MITM and save iptables |
|
|
|
block: |
|
|
|
- name: "Allow MITM private port" |
|
|
|
iptables: |
|
|
|
chain: INPUT |
|
|
|
action: insert |
|
|
|
rule_num: 10 |
|
|
|
protocol: tcp |
|
|
|
destination_port: "{{ mitm_port }}" |
|
|
|
ctstate: NEW |
|
|
|
syn: match |
|
|
|
jump: ACCEPT |
|
|
|
comment: Accept new local TCP DNS connections on private port |
|
|
|
become: yes |
|
|
|
|
|
|
|
- name: Route port 80 through mitmproxy |
|
|
|
iptables: |
|
|
|
table: nat |
|
|
|
chain: PREROUTING |
|
|
|
action: insert |
|
|
|
rule_num: 1 |
|
|
|
protocol: tcp |
|
|
|
destination_port: 80 |
|
|
|
jump: REDIRECT |
|
|
|
to_ports: "{{ mitm_port }}" |
|
|
|
|
|
|
|
- name: Route port 443 through mitmproxy |
|
|
|
iptables: |
|
|
|
table: nat |
|
|
|
chain: PREROUTING |
|
|
|
action: insert |
|
|
|
rule_num: 2 |
|
|
|
protocol: tcp |
|
|
|
destination_port: 443 |
|
|
|
jump: REDIRECT |
|
|
|
to_ports: "{{ mitm_port }}" |
|
|
|
|
|
|
|
- name: save iptables rules |
|
|
|
shell: iptables-save > /etc/iptables/rules.v4 |
|
|
|
become: yes |
|
|
@@ -58,4 +37,4 @@ |
|
|
|
- name: save iptables v6 rules |
|
|
|
shell: ip6tables-save > /etc/iptables/rules.v6 |
|
|
|
become: yes |
|
|
|
tags: algo_related |
|
|
|
tags: always |
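Review bot: The `Allow MITM private port` rule inserts an INPUT ACCEPT for NEW TCP SYNs to `{{ mitm_port }}` with no `source` or `in_interface` match, so the proxy port is open to every address that can reach the host, even though its comment calls the connections local. The rule appears twice in this section (standalone and inside the `block`), and the page has lost its +/- markers, so this applies to whichever copy is on the new side. Consider scoping it to the VPN side, for example `source: "<VPN_CLIENT_SUBNET_PLACEHOLDER>"` or `in_interface: "<VPN_INTERFACE_PLACEHOLDER>"`, with the real value taken from the role's variables. The comment text looks copied from a DNS rule and would mislead someone auditing `iptables -L` output; something like `comment: Accept new TCP connections from VPN clients to the mitmproxy port` would match what the rule does.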