[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: transparent forced dns-'proxy' on Exit-Node - is it ok?
On Tue, 09 Jan 2007, herfel@xxxxxxx wrote:
> Hello,
>
> for reasons that are not relevant to the question, my tor-node
> 'cannot' function as an exit-node. However I was thinking that it
> would be possible for me, to use iptables to force-route all outgoing
> dns-requests from the tor-IP to my local dns-server
Don't.
Just do not exit to port 53, so nobody will try to tunnel their DNS
requests over Tor through you - tho I doubt many, if any, do this.
For the things Tor does resolve itself (like with normal exit requests
to say slashdot.com:80) just make sure your system can do DNS resolves
with the usual gethostbyname() libc call. Or, if you are on 0.1.2.*
that your etc/resolv.conf has servers in it that work.
Peter
--
| .''`. ** Debian GNU/Linux **
Peter Palfrader | : :' : The universal
http://www.palfrader.org/ | `. `' Operating System
| `- http://www.debian.org/