[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] tor with vpn



On 07/05/2016 01:34 AM, grarpamp wrote:
> On 7/4/16, Mirimir <mirimir@riseup.net> wrote:
>> Yes, VMs are heavyweight. But iptables rules for this are pretty
>> trivial. Drop everything (input, forward and output). Accept output on
>> eth0 only for user debian-tor. Accept all output on tun0.
> 
> Sure that big hammer approach works for many.
> 
> But it's not trivial, or in some cases even possible,
> if you need some combinations of...
> a) anything less than the entire routing table captured to vpn
> b) more than one tor and/or vpn instance running
> c) point different apps at and/or through different things
> d) etc

True. It's much more flexible. But it makes me nervous. This also makes
me nervous: https://sourceforge.net/p/vpnchains/wiki/Home/. But on the
other hand, it could readily be scripted to switch VPN "circuits". And
it would be easier if VPN SOCKS5 proxies existed.

> The ticket exists make those type of things more trivial ;)

Got it :)

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk