[tor-talk] corridor, a Tor traffic whitelisting gateway

Rusty Bird rustybird at openmailbox.org
Fri Feb 14 17:29:05 UTC 2014


Sebastian G. <bastik.tor>:
> 14.02.2014 15:12, Rusty Bird:
>> 2. That data gets sent to corridor-helper-update, which atomically
>> updates a Linux ipset (a list of IP-address:TCP-port entries accessible
>> in constant time) named tor_relays.
> 
> Atomically is anatomically acceptable, but automatically appear to be
> adequate.

:) It really is "atomically" though: tor_relays contains either the
complete old consensus or the complete new consensus, never an
in-between state.

>> **To be secure, your new gateway needs two separate network
>> interfaces**, like two Ethernet NICs, or one WiFi radio and one DSL
>> modem. One is to receive incoming traffic from client computers, the
>> other one is to pass the filtered traffic towards the global internet,
>> **and they need to be on different networks**: Clients must not be able
>> to take a shortcut via DHCP, DNS, ICMP Redirect requests, and who knows
>> what else.
> 
> Isn't this the most limiting factor?
> 
> How many systems have two separate networks?

Private network address spaces are fine. I think I may be using
nonstandard networking terminology?

For example, my corridor box has a builtin Ethernet port (10.0.0.254)
where the protected client computers connect to, and another cheapo
Ethernet adapter (192.168.1.2) plugged into the USB port, talking to my
regular modem/router (192.168.1.254). The two networks are 10.0.0.0/8
and 192.168.1.0/24.

How should I rephrase the documentation?

Rusty

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140214/b5e4cff0/attachment-0001.sig>


More information about the tor-talk mailing list