[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

redsocks + iptables

Is the documentation about redsocks + iptables currently working or is still Unfinished.

https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_proxy#Transparent_Proxying_Method

I would like to implement the following configuration User-Tor-ProxyVM-Internet ,where ProxyVM is a Qubes providing network VM with the redsocks + iptables configuration.

Thanks.

Unfinished. Might or might not work. Didn’t look into this for years.

I want to achieve the same thing. Those instructions unfortunately didn’t work for me.

What else I tried: I connected 2 AppVMs to the same firewall and then enabled communication between them. Then I ran a proxy server on one of the VMs and connected to it over the internal network between them.

Connecting to the internal IP and the assigned Port of the proxy server worked. My connection was tunneled when I tried it in a browser.

I also tried to redirect the traffic from the internal network to the proxy server but that didn’t work. I’m not expierienced with iptables though.

But even if I got that working there still would be the DNS issues. I think getting the remote DNS resolution via socks5 working is not easy. Afaik you would need something like the program proxifier for Windows which assigns fake IP addresses to make the remote resolution work.

I am not sure if DNS resolution would work with redsocks and its dnstc feature.

If you found a solution for this or have more information on this topic, please let me know.

You should take with a grain of salt (a lot) any iptable or blocklist etc. If you are not running etherape, iptraf-ng you need a shrink…

By the way… Install ufw in your sys-net and check for any ssh. At my location Qubes 4 doesn’t last 15 seconds if connected with default configuration.

sudo dnf install ufw (debian apt)
sudo ufw enable
sudo ufw default reject incoming
sudo ufw default allow outgoing
sudo ufw reload

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]