I am using sshuttle to get cleanly out of a questionable hotel wifi connection. I have a little travel router and would like to use it as well, bridging my laptop's sshuttle connection so I can connect my phone to the router and have it tunnelled as well.

I have my laptop talking to both correctly, but can't get the router traffic out to sshuttle. I'm sure there's some iptables magic that can help me.

I'm starting sshuttle like this:

sshuttle -e 'ssh -C' --dns -r -x

From iptables-save after starting sshuttle (the router is

:sshuttle-12300 - [0:0]
-A PREROUTING -j sshuttle-12300
-A OUTPUT -j sshuttle-12300
-A sshuttle-12300 -d -p tcp -j RETURN
-A sshuttle-12300 -d -p tcp -j RETURN
-A sshuttle-12300 -p tcp -m ttl ! --ttl-eq 42 -j REDIRECT --to-ports 12300
-A sshuttle-12300 -d -p udp -m udp --dport 53 -m ttl ! --ttl-eq 42 -j REDIRECT --to-ports 12300

Can anybody help me get that traffic from into the redirect?

Best Answer

  • I think you want this (awfully phrased option)...

    -l, --listen ... transproxy to this ip address and port number

    for something like...

    sshuttle -l -e 'ssh -C' ....

    Or if that doesn't work, I'd try -l, or whatever the address is of your LAN interface.

    sshuttle ROCKS, but the documentation is, well, iffy. I mean, WTF does transproxy mean? That is SO NOT a word, lol. 🚀 😎
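
The following check is an added example, not part of the original question or answer. A REDIRECT rule reached from PREROUTING rewrites the destination to the primary address of the incoming interface, while sshuttle by default listens on 127.0.0.1, so redirected router traffic finds no listener unless `-l` binds an address the LAN can reach. The function names and all sample `iptables-save` and `ss -ltn` text (including the 192.168.8.1 LAN address) are constructed for illustration.

```shell
#!/bin/sh
# Added example; every sample value below is constructed.

# Port targeted by the REDIRECT rules in iptables-save output (stdin).
redirect_port() {
    awk '/-j REDIRECT/ { for (i = 1; i < NF; i++) if ($i == "--to-ports") { print $(i + 1); exit } }'
}

# Scope of the TCP listener on port $1 in `ss -ltn` output (stdin):
# "loopback", "routable" (wildcard or a non-loopback address) or "none".
listener_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, parts, ":")
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            if (addr ~ /^127\./ || addr == "[::1]") { if (scope == "") scope = "loopback" }
            else scope = "routable"
        }
        END { print (scope == "" ? "none" : scope) }'
}

# diagnose RULES SOCKETS -> one-word verdict on stdout.
diagnose() {
    port=$(printf '%s\n' "$1" | redirect_port)
    [ -n "$port" ] || { echo "no-redirect"; return 0; }
    # Forwarded (router client) traffic only enters the chain via PREROUTING.
    printf '%s\n' "$1" | grep -q '^-A PREROUTING -j sshuttle-' ||
        { echo "no-prerouting-hook"; return 0; }
    case $(printf '%s\n' "$2" | listener_scope "$port") in
        routable) echo "ok" ;;
        loopback) echo "loopback-only" ;;   # works for the laptop, not for LAN clients
        *)        echo "no-listener" ;;
    esac
}

# Constructed samples: nat rules, then sockets without and with a LAN listener.
SAMPLE_RULES=':sshuttle-12300 - [0:0]
-A PREROUTING -j sshuttle-12300
-A OUTPUT -j sshuttle-12300
-A sshuttle-12300 -p tcp -m ttl ! --ttl-eq 42 -j REDIRECT --to-ports 12300'
SS_DEFAULT='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:12300    0.0.0.0:*'
SS_LAN='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    192.168.8.1:12300  0.0.0.0:*'

echo "default listener: $(diagnose "$SAMPLE_RULES" "$SS_DEFAULT")"
echo "listener on LAN:  $(diagnose "$SAMPLE_RULES" "$SS_LAN")"
```

On a live system, pass the output of `iptables-save -t nat` and `ss -ltn` as the two arguments instead of the samples.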

