Iptables -t nat -A PREROUTING -i vnet0 -j DROPįinally you should make sure that 10.0.0.1 on machine A will use Tor, so in torrc: AutomapHostsOnResolve 1 Iptables -t nat -A PREROUTING -i vnet0 -p tcp -syn -j REDIRECT -to-ports 9040 Iptables -t nat -A PREROUTING -i vnet0 -p udp -dport 53 -j REDIRECT -to-ports 53 Iptables -t nat -I POSTROUTING -s 10.0.0.0/24 -j MASQUERADE You will need something like this: iptables -F ![]() Set a static IP address, for example, 10.0.0.2 and as gateway the private IP address of machine A.Ĭreate a script in machine A that will do all the NAT routing with iptables. Set up a virtual interface on machine A, with a private IP address:Ĭreate the virtual machine B, configure its interface in bridge mode with the vnet0 interface of machine A. Run Tor in machine A (say it's a Debian).This is security by isolation, and it averts many threats posed by malware, misbehaving applications, and user error.Īpart from Whonix, you could implement something yourself. Whonix is divided into two parts: Whonix-Workstation for your work and Whonix-Gateway for automatically routing all Internet traffic through Tor. This scheme is implemented from Whonix Anonymous Operation System: The second machine will be able to connect only to the first and thus every connection will be routed through Tor. ![]() Generally speaking, to implement this you will need two machines: the first machine will run Tor and will serve as a router. Remember the Tor Project suggests only two ways to use Tor: Tor Browser and Tails. Please take a look at Tails first, understand its features and threat model before you advance. Tails can handle many use cases well and is the way to go if you need to torify applications apart from your browser. Tails is a live Linux operating system that routes all traffic through Tor.
0 Comments
Leave a Reply. |