Re: [tor-talk] FreeBSD PF (firewall) ruleset



On 11/12/2013 05:38 AM, M C J wrote:
> I'm unable to connect to Tor with PF enabled. Without PF, Tor connects and
> runs fine (with Privoxy). Soon as PF is enabled, Tor will either disconnect
> if already running, or fail to connect if I try.
> 
> I've used a very basic pf.conf ruleset:
> 
> #######################
> block in all
> pass out all keep state
> #######################

Usually loopback is not filtered[1].  You could try adding this ahead of
the above two rules:

  set skip on lo0

If Tor is listening on an external interface, then you should just need
to open that particular port:

  pass in quick on $ext_if inet proto tcp to ( $ext_if ) port 8118

Otherwise, try logging blocked packets and see how it is trying to connect.

Regards,
/Lars

[1]	http://www.openbsd.org/faq/pf/filter.html
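
The suggestions in this reply combined into one ruleset, as an added example that is not part of the original message. It assumes `em0` is the external interface and that pflog is enabled so the logged block rule has somewhere to write.

```conf
# /etc/pf.conf: added example, not from the original thread.
# Assumption: em0 is the external interface; substitute your own.
ext_if = "em0"

# Do not filter loopback. Local proxy chains (for example Privoxy handing
# requests to Tor on 127.0.0.1) are otherwise dropped by "block in all",
# because packets sent over lo0 also arrive inbound on lo0.
set skip on lo0

# Default deny inbound, and log every dropped packet to pflog0.
block in log all

# Allow all outbound traffic and keep state so replies are let back in.
pass out all keep state

# Only needed if a service must be reachable from other hosts
# (rule and port as given in the thread):
# pass in quick on $ext_if inet proto tcp to ( $ext_if ) port 8118

# Loading and inspecting the ruleset (run as root):
#   pfctl -nf /etc/pf.conf        # parse only, report syntax errors
#   pfctl -f /etc/pf.conf         # load the ruleset
#   pfctl -sr                     # list the rules now in effect
#   tcpdump -n -e -ttt -i pflog0  # watch blocked packets as they are logged
# Assumption: pflog is enabled (pflog_enable="YES" in /etc/rc.conf on FreeBSD).
```

The `-e` flag makes tcpdump print the pflog header, which shows the rule number, action and interface for each logged packet, so a blocked connection attempt can be matched to the rule that dropped it.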
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk