diff options
| author | ficus <ficus@robocracy.org> | 2012-11-17 01:19:44 +0100 |
|---|---|---|
| committer | ficus <ficus@robocracy.org> | 2012-11-17 01:19:44 +0100 |
| commit | 4b7afd6137b62dfcfc09aa8a05f59935fef69489 (patch) | |
| tree | e4466fd24d48ff303caaaeb3a190ee0a223f0df0 /config/includes.chroot/sbin/tor-wireless-firewall.sh | |
| parent | d2e16f2311fbf6d2a93dfde5adc86dc8e27381aa (diff) | |
| download | torouter-live-4b7afd6137b62dfcfc09aa8a05f59935fef69489.tar.gz torouter-live-4b7afd6137b62dfcfc09aa8a05f59935fef69489.zip | |
import conf from old torouter repository
Diffstat (limited to 'config/includes.chroot/sbin/tor-wireless-firewall.sh')
| -rwxr-xr-x | config/includes.chroot/sbin/tor-wireless-firewall.sh | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/config/includes.chroot/sbin/tor-wireless-firewall.sh b/config/includes.chroot/sbin/tor-wireless-firewall.sh new file mode 100755 index 0000000..4310e7b --- /dev/null +++ b/config/includes.chroot/sbin/tor-wireless-firewall.sh @@ -0,0 +1,20 @@ +#!/bin/sh + +# destinations you don't want routed through Tor +NON_TOR="10.0.2.0/24 10.23.42.0/24 172.16.23.0/24" + +# Tor's TransPort +TRANS_PORT="9040" + +# your internal interface +INT_IF="uap0" + +iptables -F +iptables -t nat -F + +for NET in $NON_TOR; do + iptables -t nat -A PREROUTING -i $INT_IF -d $NET -j RETURN +done +iptables -t nat -A PREROUTING -i $INT_IF -p udp --dport 53 -j REDIRECT --to-ports 5353 +#iptables -t nat -A PREROUTING -i $INT_IF -p udp --dport 67 -j REDIRECT --to-ports 67 +iptables -t nat -A PREROUTING -i $INT_IF -p tcp --syn -j REDIRECT --to-ports $TRANS_PORT |