transparent forced dns-'proxy' on Exit-Node - is it ok?
Peter Palfrader
peter at palfrader.org
Wed Jan 10 03:12:10 UTC 2007
On Tue, 09 Jan 2007, herfel at gmx.net wrote:
> Hello,
>
> for reasons that are not relevant to the question, my tor-node
> 'cannot' function as an exit-node. However I was thinking that it
> would be possible for me, to use iptables to force-route all outgoing
> dns-requests from the tor-IP to my local dns-server
Don't.
Just do not exit to port 53, so nobody will try to tunnel their DNS
requests over Tor through you - tho I doubt many, if any, do this.
For the things Tor does resolve itself (like with normal exit requests
to say slashdot.com:80) just make sure your system can do DNS resolves
with the usual gethostbyname() libc call. Or, if you are on 0.1.2.*
that your etc/resolv.conf has servers in it that work.
Peter
--
| .''`. ** Debian GNU/Linux **
Peter Palfrader | : :' : The universal
http://www.palfrader.org/ | `. `' Operating System
| `- http://www.debian.org/
More information about the tor-talk
mailing list