[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor/Iptables Question

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Tor/Iptables Question
From: Ringo <2600denver@xxxxxxxxx>
Date: Wed, 19 Aug 2009 16:01:28 -0400
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Wed, 19 Aug 2009 16:02:27 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :x-enigmail-version:content-type:content-transfer-encoding; bh=FpEjx4QLQ8ND0+i7TQHODdWx3qMDkzeCI78OnMMwvpM=; b=Xgva7n191YKmXiHcxXJABHfC4q+2xJTejI0rdopICRmXs/TDLNeogJrS3Q79yL5vWE 9TDDYQsD55CQ7PsmDErqyHPj0wh0b5gNihR0g7WmweCZLg9xPVMU0lSZkRNki2KkRBaY o+scaZbNGOvu+qJkJNGR+Zvkp62CMFRm+p+sk=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type :content-transfer-encoding; b=SVF/abJ1EbJTE91TimJuAj1nyaIP0BvY8qTAaLFgPcPXZLU3q8YgEUNIM0IaJGA07p kDmoMD5oyhiiXIM/LGW6mEdZ12wZQjUzn0ImZLqWnAKx1ISjquBW+dErVdJSiIXw8AAI oUFaZo+mhSQnjwHLGMO8JS0wwbVX2Jl9inNqw=
In-reply-to: <4a8beb58.0707d00a.5e4a.2230@xxxxxxxxxxxxx>
References: <4a8beb58.0707d00a.5e4a.2230@xxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.21 (X11/20090318)

"I prevent all users other than root from connecting to the Tor Control
port with an
> iptables rule which looks like this:
>
> iptables -A OUTPUT -o lo -p tcp --dport 9051 -m owner ! --uid-owner
root -j REJECT"

Thanks! That should work perfectly. Is there any way to make dport a
wildcard?

Ringo

Follow-Ups:
- Re: Tor/Iptables Question
  - From: Kyle Williams

References:
- Re: Tor/Iptables Question
  - From: Erilenz

Prev by Author: Re: More Secure Tor Browsing Through A Virtual Machine in Ubuntu
Next by Author: Roger's HAR2009 talk on Tor performance
Previous by thread: Re: Tor/Iptables Question
Next by thread: Re: Tor/Iptables Question
Index(es):
- Author
- Thread