[tor-relays] need help with running tor in combination with shorewall
Thomas Hand
th6045 at gmail.com
Thu Oct 3 20:06:12 UTC 2013
Sorry, also your /etc/shorewall/policy file should read:
net all DROP notice
# The FOLLOWING POLICY MUST BE LAST
all all REJECT notice
to allow for whitelisting in rules file.
Regards,
T
On 3 October 2013 21:03, Thomas Hand <th6045 at gmail.com> wrote:
> Hi Jan,
>
> Here is an example config for shorewall, pulled it straight off a relay I
> run.
>
> # PORT PORT(S) DEST LIMIT GROUP
> SECTION NEW
>
> # Drop Ping from the "bad" net zone.. and prevent your log from being flooded..
>
> #Ping(ACCEPT) net $FW
> Ping(DROP) net $FW
> ACCEPT net $FW tcp 9001 #tor
> ACCEPT net $FW tcp 9030 #tor-dir
> #ACCEPT net $FW tcp 22 #ssh/dropbear
> ACCEPT net $FW tcp 80 #apache
> #ACCEPT net $FW tcp 443 #ssl apache
>
> # Permit all ICMP traffic FROM the firewall TO the net zone
> ACCEPT $FW net icmp
>
>
> Paste that into your /etc/shorewall/rules file, uncomment lines as needed
> and then 'service shorewall restart'
>
> Regards
> T
>
>
> On 2 October 2013 20:34, Jan Hendrik den Besten <tor at janhendrik.eu> wrote:
>
>> Hi,
>>
>> I installed tor a few days ago. It only runs fine if I stop my shorewall
>> firewall. I found here some online help:
>>
>> https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ
>>
>> However, the shorewall-rules example given there doesn't work. It's
>> mentioned the example is for shorewall v2.2.3 whereas the current version
>> is v4.5.16.1.
>>
>> Does anyone have a latest example of the /etc/shorewall/rules file?
>>
>> thanks, Jan Hendrik
>
>
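Added example (not part of the original messages, and not code from Shorewall or Tor): a Python check that every ORPort/DirPort listener in a torrc has a matching ACCEPT rule from net to $FW, which the net-to-all DROP policy above makes necessary. The torrc and rules text are constructed samples, the function names are hypothetical, and only numeric ports and plain zone names are handled.

```python
import re

# Constructed sample inputs (not taken from a real relay).
SAMPLE_TORRC = """\
ORPort 9001
DirPort 9030
"""
SAMPLE_RULES = """\
SECTION NEW
Ping(DROP) net $FW
ACCEPT net $FW tcp 9001 #tor
#ACCEPT net $FW tcp 9030 #tor-dir
ACCEPT net $FW tcp 80 #apache
ACCEPT $FW net icmp
"""

def tor_ports(torrc):
    """Return [(option, port)] for ORPort/DirPort lines with a non-zero numeric port."""
    found = []
    for line in torrc.splitlines():
        # Accepts "ORPort 9001" and "ORPort 0.0.0.0:9001"; "auto" is not matched.
        m = re.match(r"\s*(ORPort|DirPort)\s+(?:\S+:)?(\d+)\b", line)
        if m and int(m.group(2)) != 0:
            found.append((m.group(1), int(m.group(2))))
    return found

def accepted_tcp_ports(rules, source="net", dest="$FW"):
    """Return the TCP ports ACCEPTed from source to dest in a rules file."""
    ports = set()
    for raw in rules.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop comments, split columns
        if len(fields) < 5 or fields[0] != "ACCEPT":
            continue
        src, dst, proto, dports = fields[1:5]
        if src not in (source, "all") or dst not in (dest, "all") or proto != "tcp":
            continue
        for item in dports.split(","):        # port list: 80,443
            lo, _, hi = item.partition(":")    # port range: low:high
            hi = hi or lo
            if lo.isdigit() and hi.isdigit():  # service names are skipped
                ports.update(range(int(lo), int(hi) + 1))
    return ports

def missing_ports(torrc, rules):
    """Return torrc listeners that no ACCEPT rule covers."""
    allowed = accepted_tcp_ports(rules)
    return [(opt, port) for opt, port in tor_ports(torrc) if port not in allowed]

if __name__ == "__main__":
    for opt, port in missing_ports(SAMPLE_TORRC, SAMPLE_RULES):
        print(f"{opt} {port}/tcp has no ACCEPT rule from net to $FW")
```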