ANSWER:

You can use my tun2socks program for the “TCP catching” part. This program makes a virtual TUN network interface that forwards all outgoing TCP connections through a SOCKS proxy. If you add a routing rule (ip rule) to forward Ipad’s connection into tun2socks’ TUN interface, tun2socks will forward it to your SOCKS5 proxy. It should be much easier to perform the MITM attack in/as a SOCKS proxy.

Note that this approach is similar to the iptables redirect rule from your point of view, but you don’t have to do anything special to figure out the real destination of the connection – it will be present in the SOCKS5 protocol headers.

by Ambroz Bizjak from http://superuser.com/questions/417895