[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor VPN Server selfmade



Why not run something like "redsocks" (first hit on transparent socks)
http://darkk.net.ru/redsocks/ on VM1 ? It is a program that sits in between
the proxy and client. You then configure the firewall running on VM1 to
redirect traffic only through redsocks and allow no other connections.
I'd use FreeBSD/OpenBSD for this as my OS of choice as PF is very simple
and very powerfull, plus they are (imho) the most secure OS's.

Gijs

2012/1/11 <songso@xxxxxxxxxxx>

> Thank you for checking!
>
> >> https://trac.torproject.org/projects/tor/wiki/doc/TorVPN
> >
> > The VM isn't rewriting your resolv.conf. It's either dhcpd or
> > some other network configuration wizard on the host. Find it
> > and use it's capabilities, or shut it down and do manual.
>
> You were right. The minimal Ubuntu Server install hasn't done this.
>
> > Try to use simpler network addressing instead of random
> > IP's and masks all over the place.
> > 192.168.0.0/24 - vm1
> > 192.168.1.0/24 - vm2
> > 192.168.2.0/24 - host
> > 192.168.3.0/24 - wan, whatever, etc
>
> That looks simpler. Unfortunately it's not that easy. Not all IP ranges
> may be used in VMware. Only IPs listed under Virtual Network Editor, DHCP
> do work, others are not routable. Might be possible to change this but I
> thought not to change VMware is the least of the worse.
>
> > If vm1 can ping any configured address other than its own and its
> > vpn termination address, something is broken.
>
> Yes, this is fortunately not the case.
>
> > At times the language is off, see about working with a local English
> > speaker that you know.
>
> I am sorry for that. I was hoping for some collaboration, community work.
>
> > Make a sketch with IP's and VM's.
>
> Good idea.
>
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk