sshuttle(8) - a transparent proxy-based VPN using ssh 
-l,listen=[ip:]port
       use  this  ip address and port number as the transparent proxy port.  By default sshuttle finds an
       available port automatically and listens on  IP  127.0.0.1  (localhost),  so  you  don't  need  to
       override  it,  and connections are only proxied from the local machine, not from outside machines.
       If you want to accept connections from other machines on your network (ie.  to run sshuttle  on  a
       router) try enabling IP Forwarding in your kernel, then using --listen 0.0.0.0:0.
 
-H,auto-hosts
       scan  for  remote hostnames and update the local /etc/hosts file with matching entries for as long
       as the VPN is open.  This is nicer than changing your system's  DNS  (/etc/resolv.conf)  settings,
       for  several  reasons.   First,  hostnames  are  added  without  domain names attached, so you can
       ssh thatserver without worrying if your local domain matches  the  remote  one.   Second,  if  you
       sshuttle into more than one VPN at a time, it's impossible to use more than one DNS server at once
       anyway, but sshuttle correctly merges /etc/hosts entries between all running  copies.   Third,  if
       you're only routing a few subnets over the VPN, you probably would prefer to keep using your local
       DNS server for everything else.
 
-N,auto-nets
       in addition to the subnets provided on the command line, ask the server which subnets it thinks we
       should  route,  and  route  those automatically.  The suggestions are taken automatically from the
       server's routing table.

—dns   capture local DNS requests and forward to the remote DNS server.

—python
       specify the name/path of the remote python interpreter.  The default is just python,  which  means
       to use the default python interpreter on the remote system's PATH.
 
-r,remote=[username@]sshserver[:port]
       the  remote hostname and optional username and ssh port number to use for connecting to the remote
       server.    For   example,   example.com,   testuser@example.com,   testuser@example.com:2222,   or
       example.com:2244.
 
-x,exclude=subnet
       explicitly  exclude  this  subnet  from  forwarding.  The format of this option is the same as the
       <subnets> option.  To exclude more than one subnet, specify the -x option more than once.  You can
       say  something  like 0/0 -x 1.2.3.0/24 to forward everything except the local subnet over the VPN,
       for example.
 
-v,verbose
       print more information about the session.  This option can be used more than  once  for  increased
       verbosity.  By default, sshuttle prints only error messages.
 
-e,ssh-cmd
       the  command  to  use to connect to the remote server.  The default is just ssh.  Use this if your
       ssh client is in a non-standard location or you want to provide extra options to the ssh  command,
       for example, -e 'ssh -v'.

—seed-hosts
       a comma-separated list of hostnames to use to initialize the --auto-hosts scan algorithm.  --auto-
       hosts does things like poll local SMB servers for lists of local hostnames, but can  speed  things
       up if you use this option to give it a few names to start from.
 
-D,daemon
       automatically fork into the background after connecting to the remote server.  Implies --syslog.

—syslog
       after connecting, send all log messages to the syslog(3)  service  instead  of  stderr.   This  is
       implicit if you use --daemon.