Sorry, also your /etc/shorewall/policy file should read:
net all DROP notice
# The FOLLOWING POLICY MUST BE LAST
all all REJECT notice
to allow for whitelisting in rules file.
Regards, T
On 3 October 2013 21:03, Thomas Hand th6045@gmail.com wrote:
Hi Jan,
Here is an example config for shorewall, pulled it straight off a relay I run.
# PORT PORT(S) DEST LIMIT GROUP
SECTION NEW
# Drop Ping from the "bad" net zone.. and prevent your log from being flooded..
#Ping(ACCEPT) net $FW
Ping(DROP) net $FW
ACCEPT net $FW tcp 9001 #tor
ACCEPT net $FW tcp 9030 #tor-dir
#ACCEPT net $FW tcp 22 #ssh/dropbear
ACCEPT net $FW tcp 80 #apache
#ACCEPT net $FW tcp 443 #ssl apache
# Permit all ICMP traffic FROM the firewall TO the net zone
ACCEPT $FW net icmp
Paste that into your /etc/shorewall/rules file, uncomment lines as needed and then 'service shorewall restart'
Regards T
On 2 October 2013 20:34, Jan Hendrik den Besten tor@janhendrik.eu wrote:
Hi,
I installed tor a few days ago. It only runs fine if I stop my shorewall firewall. I found here some online help:
https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ
However, the shorewall-rules example given there doesn't work. It's mentioned the example is for shorewall v2.2.3 whereas the current version is v4.5.16.1.
Does anyone have a latest example of the /etc/shorewall/rules file?
thanks, Jan Hendrik
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
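An added example, not part of the original messages: a shell check over the policy and rules text posted in this thread, confirming that the catch-all policy comes last and that the relay ports (9001, 9030) are accepted from the net zone while the commented-out ssh rule is not. The function names and temp-file layout are assumptions, and the sample files are constructed from the config quoted above.

```shell
#!/bin/sh
# Added example: sanity-check shorewall policy and rules text for a Tor relay.

# Succeeds if the last active (non-comment, non-blank) policy line is "all all ...".
policy_catchall_last() {
    awk '{ sub(/#.*/, "") }
         NF >= 3 { src = $1; dst = $2 }
         END { exit !(src == "all" && dst == "all") }' "$1"
}

# Succeeds if an active rule ACCEPTs tcp port $2 from the net zone to the firewall.
# Only single ports and comma lists are handled, not port ranges.
rule_accepts_port() {
    awk -v port="$2" '
        { sub(/#.*/, "") }
        $1 == "ACCEPT" && $2 == "net" && $3 == "$FW" && $4 == "tcp" {
            n = split($5, p, ",")
            for (i = 1; i <= n; i++) if (p[i] == port) found = 1
        }
        END { exit !found }' "$1"
}

# Constructed sample input, taken from the configuration in the thread.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/policy" <<'EOF'
net all DROP notice
# The FOLLOWING POLICY MUST BE LAST
all all REJECT notice
EOF
cat > "$tmp/rules" <<'EOF'
SECTION NEW
Ping(DROP) net $FW
ACCEPT net $FW tcp 9001 #tor
ACCEPT net $FW tcp 9030 #tor-dir
#ACCEPT net $FW tcp 22 #ssh/dropbear
ACCEPT net $FW tcp 80 #apache
ACCEPT $FW net icmp
EOF

if policy_catchall_last "$tmp/policy"; then echo "policy: catch-all is last"
else echo "policy: catch-all is NOT last"; fi
for port in 9001 9030 22; do
    if rule_accepts_port "$tmp/rules" "$port"; then echo "tcp/$port: accepted from net"
    else echo "tcp/$port: not accepted, falls through to the net policy"; fi
done
```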