[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: iptables and tor

To: or-talk@xxxxxxxxxxxxx
Subject: Re: iptables and tor
From: dante <dante@xxxxxxxxxxxxxxxxxxx>
Date: Sun, 10 Feb 2008 14:48:47 -0500
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sun, 10 Feb 2008 14:48:53 -0500
In-reply-to: <47AF4736.9060509@xxxxxxxxxxxx>
References: <47AE403E.6070805@xxxxxxxxxxxxxxxxxxx> <20080210160342.GB30397@xxxxxxxxxxxxxxxxxxxxxxxx> <47AF43A8.4080006@xxxxxxxxxxxx> <47AF4736.9060509@xxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.6 (X11/20071022)

> The packets coming in on Tor TLS tunnels are destined for your node.
> They go up the stack through TCP and TLS to the Tor application
> itself. Tor does its AES CTR encryption on the cells coming out of
> these streams, and puts them in other streams based on the circuit
> labels. Here they get TLS'd, packed into TCP segments and go out.
> This means that packets going out after relaying have nothing to do
> with packets coming in, so I don't think marking makes any difference.
> This is clearly a positive point of Tor.
Thanks Csaba, that's exactly what I was worried about and your
information is reassuring.   The usual allow/deny rules should be good
enough.

---

Anthony G. Basile, Ph.D.
Director of Information Technology,
D'Youville College,
320 Porter Ave.
Buffalo NY, 14201

References:
- iptables and tor
  - From: dante
- Re: iptables and tor
  - From: phobos
- Re: iptables and tor
  - From: M
- Re: iptables and tor
  - From: Csaba Kiraly

Prev by Author: iptables and tor
Next by Author: Re: about Tor in Linux
Previous by thread: Re: iptables and tor
Next by thread: Re: iptables and tor
Index(es):
- Author
- Thread