/usr/share/doc/sshuttle/sshuttle.conf

dwww Home | Show directory contents | Find package
description "Create a transparent proxy over SSH"
author      "Jim Wyllie <jwyllie83@gmail.com>"

manual
nice -5

# Edit this file with network prefixes that should be loaded through the SSH
# tunnel.
env PREFIX_LOCATION=/etc/sshuttle/prefixes.conf

# Routing table; defaults to 100
env ROUTE_TABLE=100

# fwmark; defaults to 1
env FWMARK=1

# SSH tunnel configuration file
env SSHUTTLE_TUNNEL_FILE=/etc/sshuttle/tunnel.conf

# File containing the tunnel proxy name / host / whatever
env TUNNEL_PROXY="/etc/sshuttle/tunnel.conf"

# Any other commands needed to run before or after loading the SSH tunnel.
# This is where you can put any of your hacks to set up tunnels-in-tunnels,
# etc.  Scripts in this directory are executed in order.
env MISC_START_DIR=/etc/sshuttle/pre-start.d
env MISC_STOP_DIR=/etc/sshuttle/post-stop.d

start on (local-filesystems and net-device-up IFACE!=lo)
stop on stopping network-services

#respawn

pre-start script
        # Make sure we have created the routes
        sudo ip rule add fwmark ${FWMARK} lookup ${ROUTE_TABLE}
        logger "Starting sshuttle..."

        if [ -f "${PREFIX_LOCATION}" ]; then
                cat "${PREFIX_LOCATION}" | while read ROUTE; do

                        # Skip comments
                        if [ -n "$(echo ${ROUTE} | egrep "^[    ]*#")" ]; then
                                continue
                        fi

                        # Skip empty lines
                        if [ -z "${ROUTE}" ]; then
                                continue
                        fi

                        logger "Adding route: ${ROUTE}"
                        ip route add local ${ROUTE} dev lo table ${ROUTE_TABLE}
                done
        fi

        for RUNFILE in ${MISC_START_DIR}/*; do
                logger "Executing ${RUNFILE}"
                /bin/sh -c "${RUNFILE}"
        done
end script

post-stop script
        if [ -f "${PREFIX_LOCATION}" ]; then
                cat "${PREFIX_LOCATION}" | while read ROUTE; do

                        # Skip comments
                        if [ -n "$(echo ${ROUTE} | egrep "^[    ]*#")" ]; then
                                continue
                        fi

                        # Skip empty lines
                        if [ -z "${ROUTE}" ]; then
                                continue
                        fi

                        logger "Deleting route: ${ROUTE}"
                        ip route del local ${ROUTE} dev lo table ${ROUTE_TABLE}
                done
        fi

        ip rule del fwmark ${FWMARK}

        for RUNFILE in "${MISC_STOP_DIR}/*"; do
                logger "Executing ${RUNFILE}"
                /bin/sh -c "${RUNFILE}"
        done
end script

exec /usr/bin/sshuttle --dns --method=tproxy --listen 0.0.0.0 --remote sshuttle_tunnel -s /etc/sshuttle/prefixes.conf -e "ssh -F ${TUNNEL_PROXY}"
Generated by dwww version 1.15 on Thu Jun 27 23:06:05 CEST 2024.