

This article will go through the steps necessary to set up a gateway machine that transparently routes traffic through the TOR network. The goal is a subnet in which all TCP traffic is routed through TOR, which should prevent any leaking of information by the TOR browser (for instance, due to a browser vulnerability).

You must have a machine that has at least two network interfaces (one for the external network, one for the TOR network). This guide was created against a clean installation of CentOS 7.1 x86_64.

The two networks will have the following configuration:

Internal Network Interface (to internal TOR subnet)

This host will be the gateway for the internal TOR subnet.

Ensure that your network interfaces are set up correctly. Because the internal network does not have a DHCP server, you will need to set it manually:

Optionally, install Apache for your internal website.

```sh
# Connections cannot be forwarded from one network to another.

# Accept HTTP traffic for web service running on this host.
$IPT -t nat -A PREROUTING -i $TOR_IF -p tcp -d 192.168.192.1 --dport 80 -j ACCEPT

# Accept DNS traffic (handled by dnsmasq which goes to 1.1.1.1)
$IPT -t nat -A PREROUTING -i $TOR_IF -p udp -d 192.168.192.1 --dport 53 -j ACCEPT

# DNSMasq will send DNS queries to 1.1.1.1 which will be routed to the TOR DNS service
$IPT -t nat -A OUTPUT -p udp -d 1.1.1.1 --dport 53 -j DNAT --to-destination 192.168.192.1:5353
```

Append clients who should have access to this chain.
