[tor-talk] tor with vpn

Mirimir mirimir at riseup.net
Tue Jul 5 08:10:47 UTC 2016


On 07/05/2016 01:34 AM, grarpamp wrote:
> On 7/4/16, Mirimir <mirimir at riseup.net> wrote:
>> Yes, VMs are heavyweight. But iptables rules for this are pretty
>> trivial. Drop everything (input, forward and output). Accept output on
>> eth0 only for user debian-tor. Accept all output on tun0.
> 
> Sure that big hammer approach works for many.
> 
> But it's not trivial, or in some cases even possible,
> if you need some combinations of...
> a) anything less than the entire routing table captured to vpn
> b) more than one tor and/or vpn instance running
> c) point different apps at and/or through different things
> d) etc

True. It's much more flexible. But it makes me nervous. This also makes
me nervous: https://sourceforge.net/p/vpnchains/wiki/Home/. But on the
other hand, it could readily be scripted to switch VPN "circuits". And
it would be easier if VPN SOCKS5 proxies existed.

> The ticket exists make those type of things more trivial ;)

Got it :)



More information about the tor-talk mailing list