[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: TOR on Academic networks (problem)

Good idea. How can I do this without also breaking DNS lookups?

I am not sure if the following would work, but it is what I would try first. With a bit of luck someone else can suggest a better solution, or at least warn you if mine has an obvious fatal flaw. Anyway, as long as you don't mind that it is Linux-specific, and FWIIW:

You could use iptables to overwrite the destination address to that of a local webserver. It would require a large number of rules but might be OK for a small amount of traffic. You might put the rules in OUTPUT or POSTROUTING, using something along the lines of

iptables -t nat -A POSTROUTING -p tcp -d <ip of journal> --dport 80 -j DNAT --to-destination <ip of you webserver>

Obviously, the webserver would have to be configured to return the error page no matter what the requested URL. You can either implement this on the machine running the exit node if it uses linux, or you could put a linux box between that machine and the rest of internet.