1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
|
.Dd $Mdocdate: August 7 2008 $
.Dt ETHERPUPPET 1
.Os
.Sh NAME
.Nm etherpuppet
.Nd create a virtual interface from a remote Ethernet interface
.Sh SYNOPSIS
.Nm
.Op Fl s Ar port
.Op Fl c Ar target:port
.Op Fl B
.Op Fl S
.Op Fl M Ar filter
.Op Fl C
.Op Fl i Ar iface
.Nm
.Op Fl m
.Op Fl s Ar port
.Op Fl c Ar target:port
.Op Fl I Ar iface
.Sh DESCRIPTION
.Nm
is a small program that will create a virtual interface
.Em (TUN/TAP)
on one machine from the ethernet interface of another
machine through a TCP connection. Everything seen by the real
interface will be seen by the virtual one. Everything sent to the
virtual interface will be emitted by the real one.
.Pp
It has been designed because one often has a small machine as his
Internet gateway, and sometimes want to run some big applications
that need raw access to this interface, for sniffing (Ethereal, etc.)
or for crafting packets that do not survive being reassembled, NATed,
etc.
.Pp
When launched with the first syntax,
.Nm
is a slave that will send to its master everything that passes on the
given interface. With the second syntax,
.Nm
is the master and will create the special
.Em TAP
device (whose default name starts with
.Em puppet .
In both modes,
.Nm
is able to either connect or listen to its slave/master.
.Pp
Traffic seen by the real interface is sent through the TCP connection
to the doll interface. Thus, it is important that this connection is
not seen by the real interface (or else, we'll have a cute infinite
traffic loop).
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl s Ar port
Listen on the given TCP port.
.It Fl c Ar ip:port
Connect to the slave/master on the given IP/port.
.It Fl i Ar iface
Vampirize the given interface name.
.It Fl I Ar ifname
Choose the name of the virtual interface.
.It Fl m
Master mode.
.It Fl B
Do not use
.Em BPF .
With this option,
.Nm
may see its own traffic.
.It Fl S
Build
.Em BPF
with the content of
.Em SSH_CONNECTION
environment variable.
.It Fl M Ar src:sp,dst:dp
Build manually a
.Em BPF
filter that will exclude matching traffic in both directions.
.It Fl C
Do not copy real interface parameters to virtual interface.
.El
.Pp
The source and destination are by default the TCP connection end
points. If you go through SSH tunneling, you can use the
.Fl S
option to use
.Em SSH_CONNECTION
environment variable content instead, so that you will filter out the
SSH connection of your current session and not the connection to the
local SSH tunnel end point (which is pointless). If this still not fit
your needs, you can manually specify the connection end points with
.Fl M .
.Pp
If you connect two Etherpuppet instances in master mode, you'll get a
TCP tunnel through virtual interfaces.
.Pp
If you connect two Etherpuppet instances in slave mode, you may get
some kind of inefficient distributed bridge, but more probably, you'll
get a big mess.
.Sh AUTHORS
.An -nosplit
The
.Nm
program was written by
.An Philippe Biondi Aq phil@secdev.org .
.Pp
This manual page was written by
.An Vincent Bernat Aq bernat@debian.org ,
for the Debian project (but may be used by others).
|
