Hello,
I would like to drop/forbid all outgoing HTTP browser traffic (port 80) with some kind of firewall rule in the Whonix Gateway machine. Instead HTTPS should be used on port 443.
After some research, I have found and edited the whonix-gateway-firewall file in /usr/bin/whonix-gateway-firewall (see github_dot_com/Whonix/whonix-firewall/blob/21b467c/usr/bin/whonix-gateway-firewall#L507-L514):
if [ "$WORKSTATION_TRANSPARENT_TCP" = "1" ]; then
## Catch all remaining TCP and redirect to TransPort.
## Only user installed applications not configured to use a SocksPort are affected.
$iptables_cmd -t nat -A PREROUTING -i "$int_if_item" -p tcp --syn -j REDIRECT --to-ports "$TRANS_PORT_WORKSTATION" # (1) <---
## Optionally restrict TransPort.
## Replace above rule with a more restrictive one, e.g.:
#$iptables_cmd -t nat -A PREROUTING -i "$int_if_item" -p tcp --match multiport --dports 80,443 --syn -j REDIRECT --to-ports "$TRANS_PORT_WORKSTATION" # (2) <---
fi
, where I replaced (1) by (2) and chose --dports 443 as valid ports.
This works so far, but I guess, it now only allows port 443. Is there a way to adjust the rule to state, that just port 80 is not allowed?
TIA, yanga