[tor-commits] [orbot/master] remove redundant iptables rules for transproxy

[n8fr8 at torproject.org]

commit 27d5945add2b9018952ed6185f4274109a58c28b
Author: Nathan Freitas <nathan at freitas.net>
Date:   Mon Mar 3 10:37:35 2014 -0500

    remove redundant iptables rules for transproxy
---
 src/org/torproject/android/service/TorTransProxy.java |    8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/org/torproject/android/service/TorTransProxy.java b/src/org/torproject/android/service/TorTransProxy.java
index 04400ac..7280eeb 100644
--- a/src/org/torproject/android/service/TorTransProxy.java
+++ b/src/org/torproject/android/service/TorTransProxy.java
@@ -302,7 +302,6 @@ public class TorTransProxy implements TorServiceConstants {
 
 			if (tApp.isTorified()
 					&& (!tApp.getUsername().equals(TorServiceConstants.TOR_APP_USERNAME))
-					&& (!tApp.getUsername().equals(TorServiceConstants.ORWEB_APP_USERNAME))
 					) //if app is set to true
 			{
 				
@@ -528,7 +527,9 @@ public class TorTransProxy implements TorServiceConstants {
 		script.append(ipTablesPath);
 		script.append(" -t nat");
 		script.append(" -A ").append(srcChainName);
-		script.append(" -p udp -m owner ! --uid-owner ");
+		script.append(" -p udp");
+		script.append(" ! -d 127.0.0.1"); //allow access to localhost
+		script.append(" -m owner ! --uid-owner ");
 		script.append(torUid);
 		script.append(" -m udp --dport "); 
 		script.append(STANDARD_DNS_PORT);
@@ -536,6 +537,7 @@ public class TorTransProxy implements TorServiceConstants {
 		script.append(TOR_DNS_PORT);
 		script.append(" || exit\n");
 		
+		/**
 		int[] ports = {TOR_DNS_PORT,TOR_TRANSPROXY_PORT,PORT_SOCKS,PORT_HTTP};
 		
 		for (int port : ports)
@@ -553,7 +555,7 @@ public class TorTransProxy implements TorServiceConstants {
 			script.append(" -j ACCEPT");
 			script.append(" || exit\n");
 		
-		}
+		}**/
 		
 		// Allow loopback
 		script.append(ipTablesPath);