- my memory of torrent ips, protocols, and ports is rusty.
- torrenting within whonix seems a useful idea, taking advantage of all the goodness that whonix brings.
- tor would rather people not torrent through it, for the network burden it brings on the nodes. Understandable.
- tor doesn’t so much not tunnel udp as whonix doesn’t pass non-dns udp - to tor or otherwise.
Help me think through the ips / protocols / ports in the chain here.
Having loaded up ktorrent and fired it up on an Ubuntu torrent, with default whonix, the torrent doesn’t start. Understandable.
I get that trackers can be contacted, and tcp-willing peers connected to, except the list of peers comes back via udp, so of course ktorrent never knows of them to hook up with them (the gateway firewall not having passed the udp traffic).
However, it occurs to me … if I fire up a vpn (on the gateway), and set both the vpn’s http and socks5 proxy in ktorrent, then I can set a gateway iptables rule to pass (and not through tor) all traffic (including udp) from Whonix-workstation to vpn (over tun0), i.e. a very tightly constrained rule specifically targeted for this one application’s specific ip and port settings.
Preserving almost all the goodness that is Whonix, except for traffic from this one application (due to specific ip/proxy settings within it).
Am I thinking that through clearly?
I suppose I’ll have to diagram out the current flow to figure out just how to surgically change it. Such as how to except this traffic from being submitted to tor.
- testing an Ubuntu torrent download, the torrent does come down. (This is without vpn or iptables change.) So I expect the ktorrent proxy settings make the gateway willing to pass the (tcp?) proxy traffic - however, sadly, I expect all traffic is still indeed going through tor. iptables rule changes will be necessary to avoid that - and in the same spirit as whonix itself, it would be prudent to do so over vpn.
Am I thinking things through clearly, here, and are there pointers to documentation laying out the ips, ports, and protocols in play, and their control points?