Open adrelanos opened 10 years ago
It's really easy actually, just run and boom, you're using corridor as a local firewall. (Only the logging is a bit unintuitive in this case and needs to be documented.) I've been meaning to integrate this feature for some time now, and will look into it over the next weeks.iptables -I OUTPUT -j CORRIDOR
And net.ipv4.ip_forward
should not be enabled then?
Yes, unless you're using corridor as both a local firewall and a gateway.
There are good reasons for anonymity not to emit any non-Tor traffic while browsing with Tor. Example, correlation of torified and non-torified TLS HELLO gmt_unix_time: https://trac.torproject.org/projects/tor/ticket/8751
One could use Tails or Whonix in a VM. And corridor firewall could run on the host to forbid any non-Tor traffic.
Could you add such a feature please?
Or would you accept a patch implementing this feature? Would require some if/else magic.