aboutsummaryrefslogtreecommitdiffstats
path: root/config/includes.chroot/sbin/tor-wireless-firewall.sh
blob: 4310e7bd3fc77c0ffa4972b7fc709bad947e53d2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
#!/bin/sh

# destinations you don't want routed through Tor
NON_TOR="10.0.2.0/24 10.23.42.0/24 172.16.23.0/24"

# Tor's TransPort
TRANS_PORT="9040"

# your internal interface
INT_IF="uap0"

iptables -F
iptables -t nat -F

for NET in $NON_TOR; do
  iptables -t nat -A PREROUTING -i $INT_IF -d $NET -j RETURN
done
iptables -t nat -A PREROUTING -i $INT_IF -p udp --dport 53 -j REDIRECT --to-ports 5353
#iptables -t nat -A PREROUTING -i $INT_IF -p udp --dport 67 -j REDIRECT --to-ports 67
iptables -t nat -A PREROUTING -i $INT_IF -p tcp --syn -j REDIRECT --to-ports $TRANS_PORT