[tor-relays] does it make sense to close unused ports at a tor relay with iptables ?
daniel at bowlhat.net
Thu Apr 28 14:35:12 UTC 2016
On 28/04/16 14:33, Dr Gerard Bulger wrote:
> Currently the rules are thus:
> -A INPUT -p tcp -m tcp --dport 9030 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 9051 -j ACCEPT
> Which opens up those TOR ports on BOTH my IPs, not what I want (OK torrc is listening to the second IP, but that is fiddly to set up for each service)
> I want my normal ports to be open on 1st IP and shut on second IP.
to block per IP Address you can amend to use the following form:
-A INPUT -p tcp -m tcp -d <your tor IP> --dport 9030 -j ACCEPT
-A INPUT -p tcp -m tcp -d <your tor IP> --dport 9051 -j ACCEPT
P.S. this email is not GnuPG signed because I'm having issues with enigmail, ubuntu, gpg-agent and yubikey
Daniel Llewellyn, Bowl Hat
PGP/GnuPG Key ID: 0x0349ED21
4C9C BFAD 0069 D679 9660 BCD5 40C2 D958 0349 ED21
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 30863 bytes
Desc: not available
More information about the tor-relays