Changeset 90771bc


Timestamp:
02/26/15 14:05:07 (3 months ago)
Author:
Kris Moore <kris@…>
Branches:
master, enter/10, releng/10.1.2
Children:
ad8a54f, d3f54d7
Parents:
3a9702b
Message:

Update the tor transparent ipfw rules, sorta working now, can
use "drill" to resolve, and can go out to IP addresses, but
trying to fetch something from an address is still failing

File:
1 edited

  • src-sh/pcbsd-utils/xtrafiles/local/share/pcbsd/scripts/reset-firewall-tor

    r3a9702b r90771bc  
    4747cmd="ipfw -q add" 
    4848 
    49 # No restrictions on loopback 
    50 #################################################################### 
    51 \$cmd 00020 allow all from any to any via lo0 
    52 #################################################################### 
     49\$cmd 00010 allow ip from any to any uid _tor out keep-state 
     50\$cmd 00020 fwd 127.0.0.1,9530 udp from any to 127.0.0.1 53 
     51\$cmd 00025 allow all from localhost to localhost via lo0 
     52\$cmd 00030 fwd 127.0.0.1,9040 tcp from any to not me out 
    5353 
    5454# Catch spoofing from outside 
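Review bot: rule 00020 only redirects UDP port 53 traffic that is already addressed to 127.0.0.1, so a query sent to any other resolver address is not forwarded to 9530 and is left to whatever later rules decide. The same holds for all other non-TCP traffic, since 00030 matches `tcp` only. If the goal is that nothing bypasses Tor, add an explicit deny for outbound traffic that is neither from `uid _tor` nor caught by the two `fwd` rules, placed after 00030. The new rules also arrive without comments while the commented loopback block is removed; a one-line comment per rule (Tor's own traffic, DNS redirect, loopback, transparent TCP redirect) would make the ordering dependency on 00010 coming first clear to the next editor.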
     
    6161\$cmd 00050 check-state 
    6262\$cmd 00100 allow tcp from any to any established 
    63 #################################################################### 
    64  
    65 # Allow outgoing packets on the tor ports 
    66 #################################################################### 
    67 \$cmd 00150 allow ip from any to any uid _tor out keep-state 
    68 \$cmd 00160 allow tcp from any to 127.0.0.1 keep-state 
    69 #################################################################### 
    70  
    71 # Redirect all other packets through the TOR network 
    72 #################################################################### 
    73 \$cmd 00200 fwd 127.0.0.1:9040 tcp from any to any out 
    7463#################################################################### 
    7564 
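Review bot: with 00160 (`allow tcp from any to 127.0.0.1 keep-state`) removed here and the loopback allow narrowed to `from localhost to localhost` in 00025, nothing visible explicitly accepts the return path of connections redirected by 00030. `fwd` does not rewrite the packet, so the redirected connection keeps its original addresses, and the replies from the listener on 9040 cross lo0 with non-loopback source and destination; they skip 00025 and have to pass the spoofing rules (not shown in this diff) before reaching `check-state` and 00100. That is worth ruling out as the cause of the fetch failure mentioned in the commit message: check the per-rule counters with `ipfw show` while reproducing it, and if the replies are being dropped, either restore a broader `via lo0` allow ahead of the spoofing block or add a rule that accepts them explicitly.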