Closed A3sal0n closed 6 years ago
We could whitelist specific devices for Tor communication. This is the ideal setup.
If we use a dedicated ipset list for the Tor IP addresses and another dedicated ipset whitelist for the allowed IPs. Then we could configure an additional firewall rule like the one below:
iptables -A FORWARD \ -m set --set tor_whitelist src \ -m set --set tor_addresses dst \ -j ACCEPT
Finally done. This one really took a long time :)
Details in latest commit 012d69b8b3aa87aa3a74b7057e356c9523c11a5c
Will disabling Tor blocking affect all devices, or are we gonna implement disabling only for specific devices?