[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor/Iptables Question

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Tor/Iptables Question
From: Kyle Williams <kyle.kwilliams@xxxxxxxxx>
Date: Wed, 19 Aug 2009 16:48:08 -0700
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Wed, 19 Aug 2009 19:48:11 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type; bh=3UFtLuMe2Ukb19spbsHgI01bfvpeEoq3nLO4+gmQfoc=; b=PEA/ymwDCZNd31igftW4LkRfKUaqsJvL05y9Xg5Atdk4lyWRc1HL7Lu6YZ/RCxmdtJ YB9Pk0vPkrWwGChErexJo9QEEC0OBJBB3Ndul8Otu1c37xIfHkOKONok5iXG35VjrhLK A6kV4xuhEZQP7zPcteZCN0aN0L8xzSg8VQSIM=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=tJdblXGT6o7ExZFW07WU0RvzVDdTRKIqaHQl8YltFMtBCWimo+cWhLN7GSDZKeOQuB QktIqvpcvYf/pfh5Dj0hlmLxthKU9UJlvANvWcILKIF23uHfGf19lZZfCARUiI8WB7CY TFbkj8xZRwvwjXGjrcz9rdj1RFkZhedwb8Eyg=
In-reply-to: <4A8C5A18.8070603@xxxxxxxxx>
References: <4a8beb58.0707d00a.5e4a.2230@xxxxxxxxxxxxx> <4A8C5A18.8070603@xxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

I believe if you just remove --dport, then everything (all ports) are assumed.

On Wed, Aug 19, 2009 at 1:01 PM, Ringo <2600denver@xxxxxxxxx> wrote:

"I prevent all users other than root from connecting to the Tor Control
port with an
> iptables rule which looks like this:
>
> iptables -A OUTPUT -o lo -p tcp --dport 9051 -m owner ! --uid-owner
root -j REJECT"

Thanks! That should work perfectly. Is there any way to make dport a
wildcard?

Ringo

Follow-Ups:
- Re: Tor/Iptables Question
  - From: Ringo

References:
- Re: Tor/Iptables Question
  - From: Erilenz
- Re: Tor/Iptables Question
  - From: Ringo

Prev by Author: Re: More Secure Tor Browsing Through A Virtual Machine in Ubuntu
Next by Author: Re: Tor/Iptables Question
Previous by thread: Re: Tor/Iptables Question
Next by thread: Re: Tor/Iptables Question
Index(es):
- Author
- Thread