[or-cvs] r17082: {torvm} Accepting connections to the control port via the tap device (torvm/trunk/build/kamikaze/patches)
coderman at seul.org
coderman at seul.org
Tue Oct 14 02:14:28 UTC 2008
Author: coderman
Date: 2008-10-13 22:14:28 -0400 (Mon, 13 Oct 2008)
New Revision: 17082
Modified:
torvm/trunk/build/kamikaze/patches/001-kamikaze-tor-package.patch
Log:
Accepting connections to the control port via the tap device is more useful than trying to transparently proxy them...
Modified: torvm/trunk/build/kamikaze/patches/001-kamikaze-tor-package.patch
===================================================================
--- torvm/trunk/build/kamikaze/patches/001-kamikaze-tor-package.patch 2008-10-14 01:23:57 UTC (rev 17081)
+++ torvm/trunk/build/kamikaze/patches/001-kamikaze-tor-package.patch 2008-10-14 02:14:28 UTC (rev 17082)
@@ -115,8 +115,8 @@
+$(eval $(call BuildPackage,tor))
diff -Naur orig-kamikaze/package/tor/files/tor.init mod-torpkg-kamikaze/package/tor/files/tor.init
--- orig-kamikaze/package/tor/files/tor.init 1970-01-01 00:00:00.000000000 +0000
-+++ mod-torpkg-kamikaze/package/tor/files/tor.init 2008-10-14 01:04:18.402521406 +0000
-@@ -0,0 +1,108 @@
++++ mod-torpkg-kamikaze/package/tor/files/tor.init 2008-10-14 02:07:38.092349312 +0000
+@@ -0,0 +1,110 @@
+#!/bin/sh
+
+BIN=tor
@@ -171,6 +171,8 @@
+ fi;
+ # start tor process
+ $BIN -f $CONF_F $OPTIONS > $SLOG_F 2>&1
++ # TODO for now used fixed control port accept rule
++ iptables -t nat -I PREROUTING -i $TOR_INTF -d $MYIP -p tcp --dport 9051 -j ACCEPT
+ # forcibly filter some traffic which should never go over Tor:
+ # no SMTP
+ iptables -t nat -A PREROUTING -i $TOR_INTF -s ! $MYIP -p tcp --dport 25 -j DROP
More information about the tor-commits
mailing list