ETHERPUPPET(1) | General Commands Manual | ETHERPUPPET(1)
NAME
etherpuppet — create a virtual interface from a remote Ethernet interface
SYNOPSIS
etherpuppet [-s port] [-c target:port] [-B] [-S] [-M filter] [-C] [-i iface]
etherpuppet [-m] [-s port] [-c target:port] [-I iface]
DESCRIPTION
etherpuppet is a small program that will create a virtual interface (TUN/TAP) on one machine from the ethernet interface of another machine through a TCP connection. Everything seen by the real interface will be seen by the virtual one. Everything sent to the virtual interface will be emitted by the real one.
It was designed because one often has a small machine as an Internet gateway and sometimes wants to run big applications that need raw access to this interface, for sniffing (Ethereal, etc.) or for crafting packets that do not survive being reassembled, NATed, etc.
When launched with the first syntax, etherpuppet is a slave that will send to its master everything that passes on the given interface. With the second syntax, etherpuppet is the master and will create the special TAP device (whose default name starts with puppet). In both modes, etherpuppet is able to either connect or listen to its slave/master.
Traffic seen by the real interface is sent through the TCP connection to the doll interface. Thus, it is important that this connection is not seen by the real interface (or else, we'll have a cute infinite traffic loop).
The options are as follows:
-s port
    Listen on the given TCP port.
-c ip:port
    Connect to the slave/master on the given IP/port.
-i iface
    Vampirize the given interface name.
-I ifname
    Choose the name of the virtual interface.
-m
    Master mode.
-B
    Do not use BPF. With this option, etherpuppet may see its own traffic.
-S
    Build BPF with the content of SSH_CONNECTION environment variable.
-M src:sp,dst:dp
    Build manually a BPF filter that will exclude matching traffic in both directions.
-C
    Do not copy real interface parameters to virtual interface.
The source and destination are by default the TCP connection end points. If you go through SSH tunneling, you can use the -S option to use the content of the SSH_CONNECTION environment variable instead, so that you filter out the SSH connection of your current session and not the connection to the local SSH tunnel end point (which is pointless). If this still does not fit your needs, you can manually specify the connection end points with -M.
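The exclusion described above can be written as a tcpdump/pcap expression, which is handy for checking with tcpdump on the real interface that the control connection would indeed be filtered out. This is an added example, not etherpuppet's own code; the function names are hypothetical and the sample addresses are constructed.

```shell
#!/bin/sh
# Added illustration (not etherpuppet code): the loop-avoidance filter
# written as a tcpdump/pcap expression.

# is_port VALUE: true for a decimal port in 1..65535.
is_port() {
    case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# is_host VALUE: only address characters, so nothing can inject filter syntax.
is_host() {
    case "$1" in ''|*[!0-9A-Fa-f:.]*) return 1 ;; esac
}

# pcap_exclude SRC SPORT DST DPORT: match everything except that one TCP
# connection, in both directions.
pcap_exclude() {
    is_host "$1" && is_port "$2" && is_host "$3" && is_port "$4" ||
        { echo "bad end point" >&2; return 1; }
    printf 'not (tcp and ((src host %s and src port %s and dst host %s and dst port %s) or (src host %s and src port %s and dst host %s and dst port %s)))\n' \
        "$1" "$2" "$3" "$4" "$3" "$4" "$1" "$2"
}

# SSH_CONNECTION holds "client_ip client_port server_ip server_port".
filter_from_ssh_connection() {
    set -f; set -- $1; set +f    # split on whitespace without globbing
    [ $# -eq 4 ] || { echo "SSH_CONNECTION needs 4 fields" >&2; return 1; }
    pcap_exclude "$1" "$2" "$3" "$4"
}

# -M style argument "src:sp,dst:dp"; the last ':' separates host and port.
filter_from_manual() {
    case "$1" in *:*,*:*) ;; *) echo "expected src:sp,dst:dp" >&2; return 1 ;; esac
    m_src=${1%%,*}; m_dst=${1#*,}
    pcap_exclude "${m_src%:*}" "${m_src##*:}" "${m_dst%:*}" "${m_dst##*:}"
}

# Constructed sample value (documentation addresses).
filter_from_ssh_connection "192.0.2.10 50022 192.0.2.1 22"
```

In a real SSH session the argument would be "$SSH_CONNECTION"; both functions reject malformed end points instead of passing them into the filter.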
If you connect two Etherpuppet instances in master mode, you'll get a TCP tunnel through virtual interfaces.
If you connect two Etherpuppet instances in slave mode, you may get some kind of inefficient distributed bridge, but more probably, you'll get a big mess.
AUTHORS
The etherpuppet program was written by Philippe Biondi ⟨phil@secdev.org⟩.
This manual page was written by Vincent Bernat ⟨bernat@debian.org⟩, for the Debian project (but may be used by others).
August 7, 2008 | Debian