[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Linux TransparentProxy setup and IPv6

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Linux TransparentProxy setup and IPv6
From: Öyvind Saether <oyvinds@xxxxxxxxxxx>
Date: Wed, 04 Jan 2012 19:50:24 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 04 Jan 2012 13:50:52 -0500
In-reply-to: <4F0461A1.3000106@xxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <N1-fcRY4dQtcx@xxxxxxxxxxxxx> <4F0461A1.3000106@xxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:8.0) Gecko/20111117 Thunderbird/8.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> If you have a Linux machine with an IPv6 address, and you're using
> the iptables technique described on that page, then you're going to
> leak. "iptables" only applies to IPv4 traffic. You need to put in
> an explicit rule using "ip6tables" to block all IPv6 traffic.
> 
> Alternatively, just disable IPv6 support on your machine.
> 
> Maybe the documentation should be updated with this information?

ip6tables -t filter -A OUTPUT -m owner --uid-owner anonymous -j DROP

..if you are (ab)using the username anonymous and your IPv4 iptables
firewall is setup to do -m owner --uid-owner anonymous rules.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8En28ACgkQNBSJHnwv/KrLJQCbBtVThhcdwrZzRlTF300zWapO
V14AoImif1PSKZflpFVDs6OKgk4+bvXb
=cxj/
-----END PGP SIGNATURE-----
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Linux TransparentProxy setup and IPv6
  - From: hmoh
- Re: [tor-talk] Linux TransparentProxy setup and IPv6
  - From: tor

Prev by Author: Re: [tor-talk] about TOR
Next by Author: Re: [tor-talk] Real basic questions for linux
Previous by thread: Re: [tor-talk] Linux TransparentProxy setup and IPv6
Next by thread: [tor-talk] Hoax?
Index(es):
- Author
- Thread