so after a CLI restart tor I see this
Apr 16 host Tor: You configured a non-loopback address ’ for HTTP TunnelPort. This allows everybody on your local network to use your machine as a prox…what you wanted.
Tor really listens on that IP/port. It is Whonix-Gateway’s network interface, that is only available to Whonix-Workstations, because it is an internal network with Whonix-Workstation and because Whonix-Gateway is firewalled (see /usr/bin/whonix_firewall or in Whonix source code).