uwt: set AllowOutboundLocalhost / AllowInbound and abolish UWT_DEV_PASSTHROUGH / uwt circumvention hack


ID: 357
PHID: PHID-TASK-rlfc2vo5ufarn3k4fv5w
Author: Patrick
Status at Migration Time: resolved
Priority at Migration Time: Normal


Quote https://lists.torproject.org/pipermail/tor-talk/2015-May/037979.html:

  • AllowOutboundLocalhost option allows torsocks to connect to a
    localhost address.

It might help to abolish to whole UWT_DEV_PASSTHROUGH hack / uwt circumvention confusion, explanation.

#debian_stretch /etc/tor/torsocks.conf

# Set Torsocks to accept inbound connections. If set to 1, listen() and
# accept() will be allowed to be used with non localhost address. (Default: 0)
#AllowInbound 1
# Set Torsocks to allow outbound connections to the loopback interface.
# If set to 1, connect() will be allowed to be used to the loopback interface
# bypassing Tor. If set to 2, in addition to TCP connect(), UDP operations to
# the loopback interface will also be allowed, bypassing Tor. This option
# should not be used by most users. (Default: 0)
#AllowOutboundLocalhost 1


  • Test the new torsocks AllowOutboundLocalhost option.
  • Consider setting this option by default.
  • Depending on above, consider removing UWT_DEV_PASSTHROUGH from Whonix code everywhere. (grep -r UWT_DEV_PASSTHROUGH *)



2017-01-18 08:45:52 UTC


2017-01-18 09:00:48 UTC