[Noisebridge-discuss] tor proxies
Jonathan Lassoff
jof at thejof.com
Mon Jul 19 19:03:14 UTC 2010
On Thu, Jul 15, 2010 at 4:43 PM, Leif Ryge <leif at synthesize.us> wrote:
> On 07/15/2010 09:59 AM, travis+ml-noisebridge at subspacefield.org wrote:
>> I am wondering what NB uses, and if they solved the DNS lookup problem
>> (it's UDP, so doesn't normally get tunnelled over tor, which IIUC is
>> TCP-only).
>
> I wasn't involved in setting it up (hopefully someone who was will speak
> up here) but from what I understand the tor wifi AP is using
> iptables as per
> https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TransparentProxy
I setup the tor AP that's at noisebridge, though I haven't used it in
a while. I hope it's still working well.
The AP and the local tor node are connected on a private VLAN, and is
configured so that a DHCP daemon will hand out addresses that should
direct all traffic towards the local tor node.
On the tor node (a linux host), there are some iptables rules to
direct all TCP traffic towards a local instance of privoxy, which
passes the traffic to tor.
There's a second rule that redirects all UDP traffic destined to a
local instance of Tor's "DNSPort/DNSListenAddress".
All other traffic not destined to the tor node is dropped.
The end.
More information about the Noisebridge-discuss
mailing list