[tor-talk] FreeBSD PF (firewall) ruleset
Lars Noodén
lars.nooden at gmail.com
Tue Nov 12 08:24:13 UTC 2013
On 11/12/2013 05:38 AM, M C J wrote:
> I'm unable to connect to Tor with PF enabled. Without PF, Tor connects and
> runs fine (with Privoxy). Soon as PF is enabled, Tor will either disconnect
> if already running, or fail to connect if I try.
>
> I've used a very basic pf.conf ruleset:
>
> #######################
> block in all
> pass out all keep state
> #######################

Usually loopback is not filtered[1]. You could try adding this ahead of
the above two rules:

	set skip on lo0

If Tor is listening on an external interface, then you should just need
to open that particular port

	pass in quick on $ext_if inet proto tcp to ( $ext_if ) port 8118

Otherwise, try logging blocked packets and see how it is trying to connect.

Regards,
/Lars
[1] http://www.openbsd.org/faq/pf/filter.html
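
Added example, not part of the original message: the quoted two-rule ruleset combined with the loopback skip from the reply, with logging turned on for the block rule so that dropped packets can be read from pflog0. The interface name em0 and the definition of the ext_if macro are assumptions; the reply uses $ext_if without defining it.

```conf
# /etc/pf.conf (constructed example; em0 is an assumed interface name)
ext_if = "em0"

# Do not filter the loopback interface, as suggested in the reply.
set skip on lo0

# Same default-deny as the original ruleset, with "log" added so that
# every blocked inbound packet is copied to the pflog0 interface.
block in log all
pass out all keep state

# Only if the service must be reachable from other hosts (port 8118 as
# in the reply). Leave commented out when it listens on localhost only.
# pass in quick on $ext_if inet proto tcp to ($ext_if) port 8118

# Check the syntax, load the ruleset, then watch blocked packets (as root):
#   pfctl -nf /etc/pf.conf
#   pfctl -f /etc/pf.conf
#   tcpdump -n -e -ttt -i pflog0
# With -e, tcpdump shows the rule number and action for each logged packet.
# On FreeBSD, pflog0 needs pflog_enable="YES" in /etc/rc.conf.
```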