How do I drop non-Tor traffic in iptables and allow only Whonix-Gateway traffic?
I want to drop all non-Tor traffic in iptables and allow only traffic from the Whonix-Gateway virtual machine on the host. My iptables config:
# Generated by iptables-save v1.8.2 on Sat May 18 15:54:56 2019
*filter
:INPUT DROP [21:3717]
:FORWARD DROP [0:0]
:OUTPUT DROP [166:15284]
-A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
-A OUTPUT -m owner --uid-owner tor -j ACCEPT
COMMIT
# Completed on Sat May 18 15:54:56 2019
When I apply this config, I'm only able to do torified upgrades on the host and use torsocks commands. Whonix-Gateway doesn't have access to the Internet. What am I doing wrong?
iptables configuration tor whonix
asked 9 mins ago
java-devel
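An added example, not part of the original post: a small evaluator that walks the posted ruleset the way netfilter walks a chain (first matching rule decides, otherwise the chain policy) to show which packets it lets through. Which chain the Whonix-Gateway VM's traffic traverses depends on the hypervisor's networking mode, which the post does not state, so both candidates are checked; the user name `vmuser` and the sample addresses are constructed.

```python
import ipaddress
import shlex

# Ruleset copied from the question (iptables-save format, comment lines omitted).
RULESET = """\
*filter
:INPUT DROP [21:3717]
:FORWARD DROP [0:0]
:OUTPUT DROP [166:15284]
-A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
-A OUTPUT -m owner --uid-owner tor -j ACCEPT
COMMIT
"""

def parse(text):
    """Return ({chain: policy}, {chain: [option dict per rule]}); each option here takes one value."""
    policies, rules = {}, {}
    for line in text.splitlines():
        if line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[chain], rules[chain] = policy, []
        elif line.startswith("-A "):
            tok = shlex.split(line)
            rules[tok[1]].append(dict(zip(tok[2::2], tok[3::2])))
    return policies, rules

def matches(rule, pkt):
    for opt, field in (("-s", "src"), ("-d", "dst")):
        if opt in rule and ipaddress.ip_address(pkt[field]) not in ipaddress.ip_network(rule[opt]):
            return False
    state_ok = "--ctstate" not in rule or pkt.get("state") in rule["--ctstate"].split(",")
    # Forwarded packets have no local socket owner, so their uid is None here.
    uid_ok = "--uid-owner" not in rule or pkt.get("uid") == rule["--uid-owner"]
    return state_ok and uid_ok

def verdict(chain, pkt, text=RULESET):
    policies, rules = parse(text)
    for rule in rules[chain]:
        if matches(rule, pkt):
            return rule["-j"]
    return policies[chain]  # no rule matched: the chain policy applies

# Constructed packet: documentation-range addresses, new outbound connection.
NEW_OUT = {"src": "192.0.2.10", "dst": "198.51.100.7", "state": "NEW"}
for chain, uid in (("OUTPUT", "tor"), ("OUTPUT", "vmuser"), ("FORWARD", None)):
    print(chain, uid, verdict(chain, {**NEW_OUT, "uid": uid}))
```

Only the packet owned by `tor` is accepted; a packet sent by any other local user falls through to the OUTPUT policy, and a routed packet meets an empty FORWARD chain whose policy is DROP.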