VPN-Firewall on Tails

Hiberts · September 22, 2015, 11:49pm

I not tested this setup yet, but can it be possible ? I should run VPN-Firewall and then run a test with Wireshark like i did with Whonix .
Someone else tried this setup ?

Patrick · September 23, 2015, 6:56am

Possible in theory, yes. In practice you need to understand Tails firewall first before trying such stuff before you combine them. The task description would be “add a VPN-Firewall alike feature to Tails firewall”. Non-trivial stuff.

Hiberts · September 25, 2015, 10:31am

Right, Tails also has its firewall .
Theorically, if i use your firewall on the host i don’t see the problem .
Instead, use your firewall within Tails it’s a big problem …
However i meant vpn-firewall on the host and Tails on VM .
I will test it .

You can change my title in : VPN-Firewall with Tails .

Patrick · September 25, 2015, 11:33am

I don’t foresee any issues.

Hiberts · January 16, 2016, 7:35pm

I tried it and it works very well !!!

halo9en · January 18, 2016, 3:04am

Can you be specific about what your setup and configuration was? Did you drop the Tails firewall rules with iptables -F or use uwt? Did you then import adrelanos firewall rules from somewhere? Or, did you simply git clone the VPN-Firewall and run the script? What kind of testing did you do?

Hiberts · January 19, 2016, 11:20am

I do this :

Download the VPN-Firewall with the download button .
I run the script after I put it on the correct location the files, the guide on readme is very clear .
I run Tails on Virtualbox and all of its traffic pass through the VPN on the host .
Of course I monitored the traffic with Wireshark on the host and it seems to work correctly .

If you have another questions ask here .

halo9en · January 23, 2016, 6:31pm

Thanks for the response, Hiberts. I hadn’t read through the thread fully when I posted, so I was under the impression you were using VPN-Firewall on a Tails host system. The configuration for that would be a bit more interesting, as it’d mean you’re likely tunneling from Tails host (not in a VM but on disk/memory) -> VPN (with VPN-Firewall ensuring you’re connected or fails closed) -> Tor. This could be a powerful setup for certain use cases (really, hiding the fact you’re using Tor from your ISP or government)

Hiberts · January 26, 2016, 2:44pm

Maybe now it’s possible, for example i red that Tails now starts in offline mode, in this case I think you will have the time to start VPN-Firewall, Openvpn, and finally Tor .
But you should test it or you can ask directly to the Tails developer in IRC Chat .