commit 27d5945add2b9018952ed6185f4274109a58c28b Author: Nathan Freitas nathan@freitas.net Date: Mon Mar 3 10:37:35 2014 -0500

remove redundant iptables rules for transproxy --- src/org/torproject/android/service/TorTransProxy.java | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/org/torproject/android/service/TorTransProxy.java b/src/org/torproject/android/service/TorTransProxy.java index 04400ac..7280eeb 100644 --- a/src/org/torproject/android/service/TorTransProxy.java +++ b/src/org/torproject/android/service/TorTransProxy.java @@ -302,7 +302,6 @@ public class TorTransProxy implements TorServiceConstants {

if (tApp.isTorified() && (!tApp.getUsername().equals(TorServiceConstants.TOR_APP_USERNAME)) - && (!tApp.getUsername().equals(TorServiceConstants.ORWEB_APP_USERNAME)) ) //if app is set to true { @@ -528,7 +527,9 @@ public class TorTransProxy implements TorServiceConstants { script.append(ipTablesPath); script.append(" -t nat"); script.append(" -A ").append(srcChainName); - script.append(" -p udp -m owner ! --uid-owner "); + script.append(" -p udp"); + script.append(" ! -d 127.0.0.1"); //allow access to localhost + script.append(" -m owner ! --uid-owner "); script.append(torUid); script.append(" -m udp --dport "); script.append(STANDARD_DNS_PORT); @@ -536,6 +537,7 @@ public class TorTransProxy implements TorServiceConstants { script.append(TOR_DNS_PORT); script.append(" || exit\n"); + /** int[] ports = {TOR_DNS_PORT,TOR_TRANSPROXY_PORT,PORT_SOCKS,PORT_HTTP}; for (int port : ports) @@ -553,7 +555,7 @@ public class TorTransProxy implements TorServiceConstants { script.append(" -j ACCEPT"); script.append(" || exit\n"); - } + }**/ // Allow loopback script.append(ipTablesPath);