[tor-talk] tor with vpn
Mirimir
mirimir at riseup.net
Tue Jul 5 08:10:47 UTC 2016
On 07/05/2016 01:34 AM, grarpamp wrote:
> On 7/4/16, Mirimir <mirimir at riseup.net> wrote:
>> Yes, VMs are heavyweight. But iptables rules for this are pretty
>> trivial. Drop everything (input, forward and output). Accept output on
>> eth0 only for user debian-tor. Accept all output on tun0.
>
> Sure that big hammer approach works for many.
>
> But it's not trivial, or in some cases even possible,
> if you need some combinations of...
> a) anything less than the entire routing table captured to vpn
> b) more than one tor and/or vpn instance running
> c) point different apps at and/or through different things
> d) etc
True. It's much more flexible. But it makes me nervous. This also makes
me nervous: https://sourceforge.net/p/vpnchains/wiki/Home/. But on the
other hand, it could readily be scripted to switch VPN "circuits". And
it would be easier if VPN SOCKS5 proxies existed.
> The ticket exists make those type of things more trivial ;)
Got it :)
More information about the tor-talk
mailing list