Sorry, also your /etc/shorewall/policy file should read:

net all DROP notice
# The FOLLOWING POLICY MUST BE LAST
all all REJECT notice

to allow for whitelisting in rules file.

Regards,
T

On 3 October 2013 21:03, Thomas Hand <[email protected]> wrote:

> Hi Jan,
>
> Here is an example config for shorewall, pulled it straight off a relay I
> run.
>
> # PORT PORT(S) DEST LIMIT GROUP
> SECTION NEW
>
> # Drop Ping from the "bad" net zone.. and prevent your log from being flooded..
>
> #Ping(ACCEPT) net $FW
> Ping(DROP) net $FW
> ACCEPT net $FW tcp 9001 #tor
> ACCEPT net $FW tcp 9030 #tor-dir
> #ACCEPT net $FW tcp 22 #ssh/dropbear
> ACCEPT net $FW tcp 80 #apache
> #ACCEPT net $FW tcp 443 #ssl apache
>
> # Permit all ICMP traffic FROM the firewall TO the net zone
> ACCEPT $FW net icmp
>
> Paste that into your /etc/shorewall/rules file, uncomment lines as needed
> and then 'service shorewall restart'
>
> Regards
> T
>
> On 2 October 2013 20:34, Jan Hendrik den Besten <[email protected]> wrote:
>
>> Hi,
>>
>> I installed tor a few days ago. It only runs fine if I stop my shorewall
>> firewall. I found here some online help:
>>
>> https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ
>>
>> However, the shorewall-rules example given there doesn't work. It's
>> mentioned the example is for shorewall v2.2.3 whereas the current version
>> is v4.5.16.1.
>>
>> Does anyone have a latest example of the /etc/shorewall/rules file?
>>
>> thanks, Jan Hendrik
>> --
>> _______________________________________________
>> tor-relays mailing list
>> [email protected]
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
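An added example, not part of the original messages: a small Python check that the policy file keeps its catch-all entry last and that the rules file opens only the inbound ports you intend. The function names and the embedded sample text (constructed from the snippets in this thread) are assumptions, and the parser only understands the simple column layout shown above.

```python
# Audit a Shorewall policy/rules pair for "default deny plus whitelist".
# POLICY and RULES are constructed samples based on the snippets in this thread.
POLICY = """\
net all DROP notice
# The FOLLOWING POLICY MUST BE LAST
all all REJECT notice
"""

RULES = """\
SECTION NEW
#Ping(ACCEPT) net $FW
Ping(DROP) net $FW
ACCEPT net $FW tcp 9001 #tor
ACCEPT net $FW tcp 9030 #tor-dir
#ACCEPT net $FW tcp 22 #ssh/dropbear
ACCEPT net $FW tcp 80 #apache
#ACCEPT net $FW tcp 443 #ssl apache
ACCEPT $FW net icmp
"""

def active_lines(text):
    """Yield the whitespace-split fields of each non-blank, non-comment line."""
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop trailing comments
        if fields:
            yield fields

def check_policy(text):
    """Return problems found in policy ordering and the net-zone default."""
    rows = list(active_lines(text))
    problems = []
    if not rows or rows[-1][:2] != ["all", "all"]:
        problems.append("catch-all 'all all' policy is not the last entry")
    for row in rows:
        if len(row) >= 3 and row[0] == "net" and row[2] not in ("DROP", "REJECT"):
            problems.append("net zone default is " + row[2])
    return problems

def inbound_whitelist(text, zone="net"):
    """Return sorted (proto, port) pairs ACCEPTed from zone to the firewall."""
    allowed = set()
    for f in active_lines(text):
        if len(f) >= 5 and f[0] == "ACCEPT" and f[1] == zone and f[2] == "$FW":
            allowed.update((f[3], port) for port in f[4].split(","))
    return sorted(allowed)

if __name__ == "__main__":
    print(check_policy(POLICY), inbound_whitelist(RULES))
```

Commented-out rules such as the ssh and 443 lines are ignored, so the returned list reflects only what is actually open after a restart.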
