diffusae:
Hello!
Hi Diffusae
Does anybody know how to convert this to pf rules in FreeBSD:
iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040
I'm running a Tor client in a jail on a different IP and want to route only the .onion traffic through.
The DNS stuff is working fine, but I can't find a solution for the above iptables rule, which is working. I'd like to transparently do DNS and routing for .onion traffic on the network.
I looked into the wiki and also found some pf rules, which are routing all the traffic through Tor, but this only works locally.
The machine is on FreeBSD 11.0-STABLE. Tor is running in a jail with a cloned loopback interface (lo1) and also has a private IP address on the main NIC.
I am running a Tor node in a FreeBSD jail with the following pf rules:
scrub in all
nat pass on $ext_if from $NET_JAIL to any -> $IP_PUB
rdr pass on $ext_if proto tcp from any to $IP_PUB port $PORT_TOR_JAIL -> $IP_JAIL_TOR port $PORT_TOR_JAIL
It passes the exit traffic to the public IP. The incoming traffic is passed to the different jail IPs according to the port.
Be careful with the cloned interface and the /etc/hosts configurations for your BSD and jails. Misconfiguration also often leads to network problems.
Maybe you have some hints.
Thanks a lot
Regards,
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays