What precisely does Whonix route through Tor?

I would like to know precisely what Whonix forwards through Tor

Presumably stuff like:

1. Web traffic, i.e. HTTP + HTTPS

2. DNS

3. I heard about something called GETINFO, a so-called “Tor Control Port command”

Aside from HTTP/HTTPS, DNS and GETINFO… is there anything else that Whonix forwards through Tor?

I would like the full list of everything that Whonix forwards.

kingneil:

I would like to know precisely what Whonix forwards through Tor

Presumably stuff like:

1. Web traffic, i.e. HTTP + HTTPS

2. DNS

Yes.

3. I heard about something called GETINFO, a so-called “Tor Control Port command”

Related to control port filter proxy python (cpfpy). That doesn’t get
forwarded anywhere. At best applications can talk to Tor’s ControlPort
indirectly through cpfpy. Commands are filtered. White list only.

Aside from HTTP/HTTPS, DNS and GETINFO… is there anything else that Whonix forwards through Tor?

I would like the full list of everything that Whonix forwards.

It really depends on what Tor supports. At the moment only specific
types of DNS as well as TCP. http/https happens on a higher level [as
anywhere] on top of TCP and really is transmitted as TCP.

• Either Whonix-Workstation talks to a Tor SocksPort directly,
• or traffic gets redirected into Tor’s TransPort or Tor’s DnsPort
• IP forwarding (default disabled on Linux) remains disabled.
• Even without any firewall or Tor running on Whonix-Gateway,
  Whonix-Workstation could not magically connect to clearnet. Imagine in
  simplest terms a VM connected by internal network only to another VM. If
  the other VM does not use IP forwarding, there will be no clearnet access.

https://github.com/Whonix/whonix-gw-firewall/blob/master/usr/bin/whonix_firewall