  1. #1

    Shorewall - block outgoing

    Hey folks

    I'm trying to use a combination of Shorewall/Squid/Privoxy/Tor (all running on the same box) on my network.

    I've added:
    REDIRECT loc 80 tcp www

    to my Shorewall "rules" file and it's working great - my test PC on my network can surf through Tor transparently (without adding anything to their browser settings).

    Now my question is, how do I stop ALL other outgoing traffic from the LAN (e.g. to prevent someone entering their own proxy server in Firefox)?

    I've tried adding DROP loc:10.xx.xx.0/24!10.xx.xx.1/32 net
    (where the first is my local subnet and the exclusion is my firewall's IP); however, this blocks my Tor setup from working.

    Help is appreciated, cheers.

  2. #2
    OK, I've made some progress.

    Looks like my rule does work. It's just that when doing transparent proxying, Firefox does a DNS lookup first, which fails (because it's blocked).

    Any ideas?
