vidalia and new firewall config
robert at roberthogan.net
Tue Aug 28 18:01:02 UTC 2007
On Tuesday 28 August 2007 10:53:24 Christian Grothoff wrote:
> On Tuesday 28 August 2007 03:34, Roger Dingledine wrote:
> > > Choosing 443 makes this hard to implement because Tor has to be started
> > > as root to bind to it. Would it be as well to suggest a popular
> > > high-numbered port such as 8080?
> > Good point. I guess in Windows-land it should be 443, but in Unix-land
> > it shouldn't be. Is 8080 popular? What are other good choices that won't
> > stand out too much?
> I disagree a bit here. It is pretty easy to use iptables & friends to map
> the external port 443 to any other internal port. I've been using this in
> GNUnet -- the http transport advertises the public port 80 and internally
> uses a different port. The user than adds a rule to the firewall
> configuration, something like:
> # iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j
> REDIRECT --to-ports 8080
Yes, but I think Tor will try to bind to the address that you want to
advertise - which is the problem.
8080 is used by coral cache and many others, including open proxies. Maybe
censors firewall it as a rule for just that reason.
Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK - KDE Anonymity Manager - http://tork.sf.net
KlamAV - KDE Anti-Virus - http://www.klamav.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part.
More information about the tor-dev