[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: TOR on Academic networks (problem)
Good idea. How can I do this without also breaking DNS lookups?
I am not sure if the following would work, but it is what I would try
first. With a bit of luck someone else can suggest a better solution,
or at least warn you if mine has an obvious fatal flaw. Anyway, as long
as you don't mind that it is Linux-specific, and FWIIW:
You could use iptables to overwrite the destination address to that of
a local webserver. It would require a large number of rules but might
be OK for a small amount of traffic. You might put the rules in OUTPUT
or POSTROUTING, using something along the lines of
iptables -t nat -A POSTROUTING -p tcp -d <ip of journal> --dport 80 -j DNAT --to-destination <ip of you webserver>
Obviously, the webserver would have to be configured to return the
error page no matter what the requested URL. You can either implement
this on the machine running the exit node if it uses linux, or you
could put a linux box between that machine and the rest of internet.