Archives/SSLproxy
2
0
Fork 0
mirror of https://github.com/sonertari/SSLproxy synced 2024-11-18 03:25:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update the man page to include the -F option and its logspec directives.

Browse Source
This commit is contained in:
Landon Fuller 2014-11-07 17:03:55 -07:00
parent 7ce301a60f
commit bea605d7ca
No known key found for this signature in database
GPG Key ID: 28BBCFC35B80A3C4
1 changed files with 43 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
sslsplit.1
View File

@ -116,6 +116,14 @@ returned by \fB-E\fP.
List all supported NAT engines available on the system and exit. See
NAT ENGINES for a list of NAT engines currently supported by SSLsplit.
.TP
.B \-F \fIlogspec\fP
Log connection content to separate log files with the given path specification
(see LOG SPECIFICATIONS below). For each connection, a log file will be
written, which will contain both directions of data as transmitted.
Information about the connection will be contained in the filename only.
If \fB-F\fP is used with \fB-j\fP, \fIlogspec\fP is relative to \fIjaildir\fP.
If \fB-F\fP is used with \fB-u\fP, \fIlogspec\fP must be writable by \fIuser\fP.
.TP
.B \-g \fIpemfile\fP
Use Diffie-Hellman group parameters from \fIpemfile\fP for Ephemereal
Diffie-Hellman (EDH/DHE) cipher suites. If \fB-g\fP is not given, SSLsplit
@ -147,8 +155,8 @@ Display help on usage and exit.
.TP
.B \-j \fIjaildir\fP
Change the root directory to \fIjaildir\fP using chroot(2) after opening files.
Note that this has implications for both \fB-S\fP and for \fBsni\fP
\fIproxyspecs\fP. The directory given with \fB-S\fP will be relative to
Note that this has implications for \fB-F\fP, \fB-S\fP, and for \fBsni\fP
\fIproxyspecs\fP. The path given with \fB-S\fP or \fB-F\fP will be relative to
\fIjaildir\fP since the log files cannot be opened before calling chroot(2).
Depending on your operating system, you will need to copy files such as
\fB/etc/resolv.conf\fP to \fIjaildir\fP in order for name resolution to work.
@ -347,6 +355,39 @@ than the NAT rules redirecting the actual connections.
Note that when using \fB-j\fP with \fBsni\fP, you may need to prepare
\fIjaildir\fP to make name resolution work from within the chroot directory.
.LP
.SH "LOG SPECIFICATIONS"
Log specifications are composed of zero or more printf-style directives;
ordinary characters are included directly in the output path.
SSLsplit current supports the following directives:
.TP
.I %d
The destination address and port.
.TP
.I %s
The source address and port.
.TP
.I %x
The name of the local process. If process information is unavailable,
this directive will be omitted from the output path.
.TP
.I %X
The full path of the local process. If process information is unavailable,
this directive will be omitted from the output path.
.TP
.I %u
The username or numeric uid of the local process. If process information is unavailable,
this directive will be omitted from the output path.
.TP
.I %g
The group name or numeric gid of the local process. If process information is unavailable,
this directive will be omitted from the output path.
.TP
.I %T
The initial connection time as an ISO 8601 UTC timestamp.
.TP
.I %%
A literal '%' character.
.LP
.SH "NAT ENGINES"
SSLsplit currently supports the following NAT engines:
.TP