I would like to know precisely what Whonix forwards through Tor
Presumably stuff like:
-
Web traffic, i.e. HTTP + HTTPS
-
DNS
-
I heard about something called GETINFO, a so-called “Tor Control Port command”
Aside from HTTP/HTTPS, DNS and GETINFO… is there anything else that Whonix forwards through Tor?
I would like the full list of everything that Whonix forwards.
kingneil:
I would like to know precisely what Whonix forwards through Tor
Presumably stuff like:
-
Web traffic, i.e. HTTP + HTTPS
-
DNS
Yes.
- I heard about something called GETINFO, a so-called “Tor Control Port command”
Related to control port filter proxy python (cpfpy). That doesn’t get
forwarded anywhere. At best applications can talk to Tor’s ControlPort
indirectly through cpfpy. Commands are filtered. White list only.
Aside from HTTP/HTTPS, DNS and GETINFO… is there anything else that Whonix forwards through Tor?
I would like the full list of everything that Whonix forwards.
It really depends on what Tor supports. At the moment only specific
types of DNS as well as TCP. http/https happens on a higher level [as
anywhere] on top of TCP and really is transmitted as TCP.
- Either Whonix-Workstation talks to a Tor
SocksPort
directly,
- or traffic gets redirected into Tor’s
TransPort
or Tor’s DnsPort
- IP forwarding (default disabled on Linux) remains disabled.
- Even without any firewall or Tor running on Whonix-Gateway,
Whonix-Workstation could not magically connect to clearnet. Imagine in
simplest terms a VM connected by internal network only to another VM. If
the other VM does not use IP forwarding, there will be no clearnet access.
https://github.com/Whonix/whonix-gw-firewall/blob/master/usr/bin/whonix_firewall