TOR config
</etc/tor/torrc>
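# Client-side Tor configuration for transparent proxying: the firewall hands
# TCP connections to TransPort and DNS queries to DNSPort.

# Address pool Tor draws from when it automaps a hostname to a virtual address.
# NOTE(review): this pool lies inside 10.0.0.0/8, so a firewall rule that
# exempts private destinations from redirection would also exempt these
# addresses -- confirm against the firewall rules in use.
VirtualAddrNetworkIPv4 10.192.0.0/10
# Answer lookups for automapped suffixes with an address from the pool above.
AutomapHostsOnResolve 1
# Transparent proxy listener. It carries TCP only; any other protocol has to be
# blocked by the firewall or it leaves the host outside Tor.
TransPort 9040
# Tor's DNS listener. Port 53 is privileged, so tor presumably has to start
# with enough privilege to bind it before switching to the User below -- confirm
# for your init setup.
DNSPort 53
# Only connect to relays on the ports listed in FirewallPorts (443 here).
# NOTE(review): newer Tor documentation prefers ReachableAddresses over
# FirewallPorts -- check the man page for the installed version.
FascistFirewall 1
FirewallPorts 443
DataDirectory /var/lib/tor
PidFile /var/run/tor/tor.pid
# Unprivileged account tor runs as; the firewall matches on this user name to
# tell tor's own traffic from everything else.
User debian-tor
# ClientOnly takes an explicit 0|1 value; a bare option name does not enable it.
ClientOnly 1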
Firehol config
</etc/firehol/firehol.conf>
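version 5

# Custom FireHOL service definitions (server_<name>_ports / client_<name>_ports).
# Each service is defined once; a repeated or misspelled assignment only
# creates an unused shell variable.

# tor: SOCKS (9050) and control (9051) ports.
# NOTE(review): the torrc on this page sets no ControlPort. If one is enabled,
# require authentication on it (CookieAuthentication or HashedControlPassword).
server_tor_ports="tcp/9050 tcp/9051"
client_tor_ports="default"

# proxy: Tor's transparent proxy listener; must match TransPort in torrc.
server_proxy_ports="tcp/9040"
client_proxy_ports="default"

# polipo: HTTP proxy on 8118.
# NOTE(review): no rule in this file references "polipo"; the local interface
# accepts "privoxy" instead -- confirm which service was intended.
server_polipo_ports="tcp/8118"
client_polipo_ports="default"

# dns: UDP only; must match DNSPort in torrc.
server_dns_ports="udp/53"
client_dns_ports="default"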
#all incoming DNS goes to port 53 or whatever your torrc's DNSPort is
#for local redirection make sure your /etc/resolv.conf reads 'nameserver 127.0.0.1'
# NOTE(review): this rule matches only UDP DNS arriving on eth+ from
# 192.168.0.0/16. DNS generated on this host is not redirected here and depends
# on resolv.conf, so a program that brings its own resolver may bypass Tor's
# DNSPort -- confirm and block stray outbound port 53 if that matters.
redirect to 53 inface eth+ proto udp src 192.168.0.0/16 dst not 127.0.0.1 dport 53
#add to force all incoming tcp traffic to 9040
#for some reason this will redirect locally generated tcp traffic too
# Presumably the local redirection comes from the third argument (debian-tor):
# transparent_proxy takes the proxy's user so that the proxy's own traffic is
# exempted while other local users are redirected -- confirm in the FireHOL docs.
# Only TCP is redirected; other protocols are untouched by this helper.
# NOTE(review): dst not "$UNROUTABLE_IPS" exempts private destinations. Tor's
# VirtualAddrNetworkIPv4 pool (10.192.0.0/10 in torrc) looks like it falls in
# that exempted set, so automapped addresses may never reach TransPort -- confirm.
transparent_proxy "1:65535" 9040 debian-tor inface eth+ user not debian-tor dst not "$UNROUTABLE_IPS"
# DHCP handling for eth0. "policy return" hands packets not matched here to
# the interface definitions that follow instead of dropping them.
interface eth0 dhcp
policy return
client dhcp accept
# NOTE(review): this interface has no src/dst restriction, so "client all accept"
# appears to accept every outbound connection on eth0 from any user. That would
# make the later "user debian-tor" restriction ineffective and let traffic that
# is not redirected (UDP, ICMP) leave outside Tor. If the goal is Tor-only
# egress, this line is the first thing to verify; test with a non-tor user.
client all accept
#allow only outgoing TOR traffic
# Outbound connections on eth0 to peers outside $UNROUTABLE_IPS are accepted only
# when the owning process runs as debian-tor (the User set in torrc).
# NOTE(review): this restriction only holds if no earlier interface on eth0 has
# already accepted the same traffic -- check rule order.
interface eth0 internet src not "$UNROUTABLE_IPS"
client all accept user debian-tor
#add for local DNS and proxy access
# Accepts connections to this host's DNS, HTTP proxy, Tor and TransPort services
# when both ends are the host's own addresses (192.168.1.2 or 127.0.0.1).
interface "eth0 lo" local src "192.168.1.2 127.0.0.1" dst "192.168.1.2 127.0.0.1"
server dns accept
# NOTE(review): the service definitions in this file declare "polipo", not
# "privoxy"; presumably this relies on a privoxy service FireHOL already knows
# -- confirm it covers the proxy actually installed.
server privoxy accept
# "tor" covers the SOCKS and control ports. Keep the control port limited to
# local addresses as it is here, and authenticated if it is enabled.
server tor accept
server proxy accept
#add for local TOR socks and control port access
# Loopback-only access (127.0.0.1 to 127.0.0.1) to the tor service (SOCKS and
# control ports) and to the proxy service (TransPort).
interface lo internal src 127.0.0.1 dst 127.0.0.1
server tor accept
server proxy accept