Tor/Iptables Question
Erilenz
erilenz at gmail.com
Wed Aug 19 12:12:52 UTC 2009
* on the Wed, Aug 19, 2009 at 02:00:01AM -0400, Ringo wrote:
> One problem I've continually run into while trying to set up a secure tor
> virtual machine for browsing is that I have to allow it access to
> localhost (to connect to Tor). Is there a way in iptables to say "deny
> localhost access to all local ports except xyz" or even better say "deny
> user access to all local ports except xyz"
>
> Thanks for any help people can offer,
I prevent all users other than root from connecting to the Tor Control port with an
iptables rule which looks like this:
iptables -A OUTPUT -o lo -p tcp --dport 9051 -m owner ! --uid-owner root -j REJECT
You should be able to modify that for your own purposes.
--
Erilenz
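
One way to adapt the rule above to the question's "deny user access to all local ports except xyz", as an added example that is not part of the original post. The function only prints the iptables commands for review. The user name "browser" and port 9050 are assumptions.

```shell
#!/bin/sh
# Added example: print (do not apply) iptables rules that confine one local
# user to an allowlist of loopback TCP ports.
# Assumptions: the account "browser" and port 9050 are illustrative only.

# loopback_rules USER PORT...
# Emits one ACCEPT per allowed port, then a catch-all REJECT for that user on
# the loopback interface. Order matters: iptables stops at the first match,
# so the ACCEPT rules must come before the REJECT.
# The owner match is used in OUTPUT because it matches the socket owner of
# locally generated packets.
loopback_rules() {
    user=$1
    [ $# -gt 0 ] && shift
    # Validate everything before printing, so no partial ruleset is emitted
    # and nothing unexpected reaches a shell if the output is piped to sh.
    case $user in
        ''|*[!A-Za-z0-9_-]*) echo "invalid user: $user" >&2; return 1 ;;
    esac
    if [ $# -eq 0 ]; then
        echo "need at least one allowed port" >&2
        return 1
    fi
    for port in "$@"; do
        case $port in
            ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
        esac
        if ! { [ "$port" -ge 1 ] && [ "$port" -le 65535 ]; } 2>/dev/null; then
            echo "port out of range: $port" >&2
            return 1
        fi
    done
    for port in "$@"; do
        echo "iptables -A OUTPUT -o lo -p tcp --dport $port -m owner --uid-owner $user -j ACCEPT"
    done
    # No -p here: everything else this user sends over loopback is rejected.
    echo "iptables -A OUTPUT -o lo -m owner --uid-owner $user -j REJECT"
}

# Sample call: review the output, then run the printed lines as root.
loopback_rules browser 9050
```

The catch-all REJECT only affects the named user, so root and other accounts keep their loopback access.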