[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Transparently anonymizing traffic iptables problem

To: or-talk@xxxxxxxx
Subject: Transparently anonymizing traffic iptables problem
From: unknown <unknown@xxxxxxxxx>
Date: Mon, 9 Feb 2009 19:42:03 +0000
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Mon, 09 Feb 2009 14:44:21 -0500
Organization: PGPru.com
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

https://wiki.torproject.org/noreply/TheOnionRouter/TransparentProxy :

[quote]

2.1. Transparently anonymizing traffic for a specific user

[code]
iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner anonymous -m tcp --syn -j REDIRECT --to-ports 9040 

iptables -t nat -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j REDIRECT --to-ports 53 

iptables -t nat -A OUTPUT -m owner --uid-owner anonymous -j DROP
[/code]

[/quote]

But last iptables rule will not working anymore.

Iptables warning:

[quote]
The "nat" table is not intended for filtering, hence the use of DROP is deprecated and will permanently be disabled in the next iptables release. Please adjust your scripts.
[/quote]

What's better iptables rule for *specific* user?

Prev by Author: Cuckoo clocks
Next by Author: Re: Transparently anonymizing traffic iptables problem
Previous by thread: Re: another BADEXIT found $8424E8653469B1EFF87E79E8599933A3BAF8FDB2
Next by thread: Re: Transparently anonymizing traffic iptables problem
Index(es):
- Author
- Thread