[tor-relays] TransPort: Convert iptables to pf
diffusae
punasipuli at t-online.de
Wed Dec 21 20:39:25 UTC 2016
Hi!
Thanks a lot for your reply.
On 21.12.2016 20:46, Ivan Markin wrote:
> diffusae:
>> I looked into the wiki and also find some pf rules, which are routing
>> all the traffic though Tor, but this only works locally.
>
> You're likely talking about this wiki:
> https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy#AnonymizingMiddlebox1
Yes I've tried something similar.
> I've tried these rules for Anonymizing Middlebox (though on modern
> OpenBSD) quite some time ago and it seemed to work fine. These should
> not only work locally - it's for entire LAN. Are these ones you tried?
rdr pass on ue0 inet proto tcp from any to !($int_if) -> 127.0.0.1 port 9040
or
rdr pass on $int_if inet proto tcp to 10.192.0.0/10 -> 127.0.0.1 port
$trans_port
I've tried it also inside the jail as on the host and I always get a
"Connection refused" The packets are routed to the IP, but I looks like
they are rejected. I don't know why. Normally it should work.
Otherwise, if I remove my iptables rule on the Linux host, than I got a
"No route to host" Looks like routing to internal IP isn't working, but
I can see the packets on the FreeBSD host. Strange ...
It looks like, I am doing something wrong.
Regards,
More information about the tor-relays
mailing list