Hi, on a small server I did try to force local DNS requests to the local Tor via iptables/ferm (Nat, Output-Chain, protocol udp dport domain REDIRECT to-ports 5300). Torrc has the following included: 'DNSPort 127.0.0.1:5300'.
Unfortunately, it doesn't work as expected, but I get a warning in Tor's notices.log stating "[warn] Rejecting DNS request from disallowed IP" for each DNS request, and even after hours of searching around and trying different configs I couldn't find the root cause yet.
Question: what does "disallowed IP" really mean, i.e. what IPs are allowed by Tor and which ones are not? Any ideas and hints on how to investigate further are highly welcome! :-)