From 2196124bf23eb9a9e4b708b2ed098011eb54df2c Mon Sep 17 00:00:00 2001
From: Jacob Appelbaum <jacob@appelbaum.net>
Date: Sat, 13 Aug 2011 04:36:54 +0200
Subject: add some configs and shell scripts

---
 .../torouter-prep/configs/tor-wireless-firewall.sh   | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100755 packages/torouter-prep/configs/tor-wireless-firewall.sh

(limited to 'packages/torouter-prep/configs/tor-wireless-firewall.sh')

diff --git a/packages/torouter-prep/configs/tor-wireless-firewall.sh b/packages/torouter-prep/configs/tor-wireless-firewall.sh
new file mode 100755
index 0000000..4310e7b
--- /dev/null
+++ b/packages/torouter-prep/configs/tor-wireless-firewall.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+# destinations you don't want routed through Tor
+NON_TOR="10.0.2.0/24 10.23.42.0/24 172.16.23.0/24"
+
+# Tor's TransPort
+TRANS_PORT="9040"
+
+# your internal interface
+INT_IF="uap0"
+
+iptables -F
+iptables -t nat -F
+
+for NET in $NON_TOR; do
+  iptables -t nat -A PREROUTING -i $INT_IF -d $NET -j RETURN
+done
+iptables -t nat -A PREROUTING -i $INT_IF -p udp --dport 53 -j REDIRECT --to-ports 5353
+#iptables -t nat -A PREROUTING -i $INT_IF -p udp --dport 67 -j REDIRECT --to-ports 67
+iptables -t nat -A PREROUTING -i $INT_IF -p tcp --syn -j REDIRECT --to-ports $TRANS_PORT
-- 
cgit v1.2.3