[tor-talk] iptables rules

Robert Watson robert at gillecaluim.com
Mon Oct 20 15:52:18 UTC 2014


Could someone please clarify a question I have about configuring Tor &
iptables?  I'm using a dual-NIC CentOS server with squid/privoxy/tor behind
an ISP router.  My internet NIC (eth0) gets a DHCP address, so I wasn't sure
how to set SocksBindAddress to the eth0 address.  Is there a
SocksBindAdapter setting available?
My tor.conf:
SocksPort 9150  #privoxy socks5 port
SocksBindAddress 127.0.0.1
SocksPolicy accept 127.0.0.1
SocksPolicy reject *
AllowUnverifiedNodes middle,rendezvous
Log notice syslog
RunAsDaemon 1
User tor
CircuitBuildTimeout 30
NumEntryGuards 6
KeepalivePeriod 60
NewCircuitPeriod 15
DataDirectory /var/lib/tor
PidFile /var/run/tor/tor.pid
Log notice file /var/log/tor/tor.log

I was thinking I would have to forward eth0:9050 to lo:9050 with these
rules:
-A FORWARD -i lo -o eth0 -p tcp --dport 9050  -j ACCEPT
-A FORWARD -i eth0 -o lo -m state --state ESTABLISHED,RELATED -j ACCEPT

Any advice would be appreciated.
Robert
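
A consistency check over the SOCKS settings and rules quoted in the message above, as an added example that is not part of the original post: it parses the torrc lines and the iptables rules and reports a rule port that matches no SocksPort, a SOCKS listener on a non-loopback address, and a SocksPolicy list without a final "reject *". The function names and the three checks are assumptions of this example, and it handles IPv4 literals only.

```python
import ipaddress
import re

# Sample input: the SOCKS-related torrc lines and the rules from the message.
TORRC = """\
SocksPort 9150  #privoxy socks5 port
SocksBindAddress 127.0.0.1
SocksPolicy accept 127.0.0.1
SocksPolicy reject *
"""
RULES = """\
-A FORWARD -i lo -o eth0 -p tcp --dport 9050  -j ACCEPT
-A FORWARD -i eth0 -o lo -m state --state ESTABLISHED,RELATED -j ACCEPT
"""

def parse_torrc(text):
    """Return {option: [values]} with comments and blank lines dropped."""
    opts = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            key, _, value = line.partition(" ")
            opts.setdefault(key.lower(), []).append(value.strip())
    return opts

def audit(torrc, rules):
    """Return a list of findings (hypothetical checks, see lead-in)."""
    opts = parse_torrc(torrc)
    findings = []
    # SocksPort may be "port" or "addr:port", optionally followed by flags.
    socks_ports = set()
    for value in opts.get("socksport", []):
        port = value.split()[0].rsplit(":", 1)[-1] if value else ""
        if port.isdigit():
            socks_ports.add(int(port))
    for port in sorted({int(p) for p in re.findall(r"--dport\s+(\d+)", rules)}):
        if port not in socks_ports:
            findings.append(f"rule --dport {port} matches no SocksPort {sorted(socks_ports)}")
    for value in opts.get("socksbindaddress", []):
        host = value.split(":", 1)[0]  # IPv4 literal assumed
        if not ipaddress.ip_address(host).is_loopback:
            findings.append(f"SOCKS listener on non-loopback address {host}")
    policy = opts.get("sockspolicy", [])
    if policy and policy[-1].split() != ["reject", "*"]:
        findings.append("SocksPolicy has no final 'reject *'")
    return findings

if __name__ == "__main__":
    for finding in audit(TORRC, RULES):
        print(finding)
```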

