[tor-talk] Tor and iptables.

Jonathan Marquardt mail at parckwart.de
Sun Dec 11 15:24:00 UTC 2016


On Sun, Dec 11, 2016 at 12:26:47PM +0000, Jason Long wrote:
> Excuse me, I must allow input to my system? It is so bad :(, I don't like to allow everyone.

This has nothing to do with Tor. It's just the general way how the IP protocol 
works. Without allowing stateful input, you couldn't do any useful traffic. 
You always need to make sure that there's a way to the destination (output) 
and a way for the target server to reply to you (input).

But using stateful inspection, only input that is a reply to your output is 
allowed. There shouldn't be any security risk because of this. It's what your 
home router is doing as well to allow the servers you want to talk to to 
reply.

See also: https://en.wikipedia.org/wiki/Stateful_firewall
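
The stateful behaviour described in the reply above, as an added example that is not part of the original post: a toy Python model of a host whose INPUT policy is DROP except for packets belonging to a connection it opened itself (the effect of an iptables rule such as `-m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT`). The class, the function names and the documentation-range addresses are constructed for illustration; real connection tracking also handles timeouts, TCP state and RELATED flows, which this model leaves out.

```python
from typing import NamedTuple


class Packet(NamedTuple):
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


class StatefulFirewall:
    """Toy model: OUTPUT policy ACCEPT, INPUT policy DROP, plus one INPUT
    rule that accepts packets matching a tracked outbound connection."""

    def __init__(self):
        self.conntrack = set()  # flows this host has opened

    def send(self, pkt: Packet) -> str:
        # Outbound traffic is allowed and records a state entry.
        self.conntrack.add(pkt)
        return "ACCEPT"

    def receive(self, pkt: Packet) -> str:
        # A reply is a tracked outbound flow with source and destination swapped.
        expected = Packet(pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "ACCEPT" if expected in self.conntrack else "DROP"


def demo():
    # Constructed sample traffic (RFC 5737 documentation addresses).
    fw = StatefulFirewall()
    me, relay, stranger = "192.0.2.10", "198.51.100.7", "203.0.113.5"
    return {
        # Inbound packet before we ever talked to the relay: dropped.
        "early": fw.receive(Packet("tcp", relay, 9001, me, 40000)),
        # We open a connection to the relay: allowed, state recorded.
        "outbound": fw.send(Packet("tcp", me, 40000, relay, 9001)),
        # The relay answers on the same flow: accepted as a reply.
        "reply": fw.receive(Packet("tcp", relay, 9001, me, 40000)),
        # Someone else connects to us unasked: dropped.
        "unsolicited": fw.receive(Packet("tcp", stranger, 55555, me, 22)),
        # Same relay, but a local port we never used: dropped.
        "wrong_port": fw.receive(Packet("tcp", relay, 9001, me, 40001)),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:12s} {verdict}")
```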

