[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Yet another UDP / DNS quiestion...
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Yet another UDP / DNS quiestion...
- From: Tomasz Moskal <ramshackle.industries@xxxxxxxxx>
- Date: Sun, 13 Feb 2011 14:20:40 +0000
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Sun, 13 Feb 2011 09:20:50 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:subject:from:to:in-reply-to:references :content-type:date:message-id:mime-version:x-mailer; bh=9YZFhDPqgiKFCM4KYQveLvhbHb67bK2efSz2g4BSuUg=; b=FDYIIJMtNN4xIXbdNslWXJf/5JsTi5/D0BIw2QbM+KTYrnlAbVLU0ocv8XhuoaMsE0 /OhO2hN/LkmzYmhqJEyD+clcNThJy8QFOb0/LEPnYoA3YJvhk6AjlpBQ4TvBOlho5aLW GmlIx5Sq7h67yfakOfWs3U3B/k78ATMpvdyCc=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=subject:from:to:in-reply-to:references:content-type:date:message-id :mime-version:x-mailer; b=j+n32NXZV0+n+3AlLV1CU0DwShkjB1uZhXHm8VAoCYfh9KKRcEz5fvOFRzVynZajkr EP9FKrwzsFXjmXHMsgnSRnQ48oRye8ZrRH/M8lXfHqhHuwL8w0I3tEUvASbjMwLSLwLC O4ZOnPHVEuSdOW6PHI9souiYNONb93llSFBIs=
- In-reply-to: <4D5718A7.7060809@xxxxxxxxx>
- References: <1297485037.4789.1.camel@HAL9000> <4D5718A7.7060809@xxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
> Yes if you redirect DNS requests to Tor's DNSPort you should be safe
> against DNS leaks.
Do I have to use AutomapHostsOnResolve 1 as well? Seems to be pointless
without defining AutomapHostsSuffixes.
> I guess you are talking about a local setup without a "middlebox"
> involved. If my assumption is correct you want to refer to the
following
> section in the document:
>
https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TransparentProxy#LocalRedirectionThroughTor
>
Thanks for clarifying that! Now I need to read some more about iptables.
One more question: will those rules route all UDP traffic to port 53 or
just DNS requests? What will happen with UDP not relating to DNS?
--
Tomasz Moskal <ramshackle.industries@xxxxxxxxx>
Encrypted mail preferred. Key ID: 2C323C82
Attachment:
signature.asc
Description: This is a digitally signed message part