Jimmy Olson: > Hi I am following the instructions on this page except it was wrong and the > comment here fixes the problem > > http://www.howtoforge.com/how-to-set-up-a-tor-middlebox-routing-all-virtualbox-virtual-machine-traffic-over-the-tor-network#comment-34269 > > I would like a VM to use tor and be able to use flash and anything w/o leaks. > My problem is I don't understand this part of linux and how to use iptables. > I'd like to drop everything except TCP. I don't know what DNS lookup uses (is > it TCP?) but there are plenty of other protocols besides tcp and udp > http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol > > How do I write rules that will drop everything except TCP and route it > through tor? > > My other question is instead of setting up a bridge on the host machine I'd > like to do it on a VM. Then have qemu/kvm use the said bridge on the VM. > However I don't know how to make the host machine see the bridge. Or how to > create a bridge that goes from TorGuestVM<-(->HostMachine<-)->TorHostVM > > I'm open to other ways as long as I can have a VM running with qemu/kvm that > cannot communicate to the internet except through tor. Which I prefer to be > in its own VM but the host is ok if I must. > > I have looked at qubes. Qubes and xen doesn't seem to work on my hardware > which is a disappointment. > >
Whonix (self-ad) does exactly this. Using VirtualBox and not KVM, though. Iptables rules would be the same for any virtualizer. It's Open Source, so you can see how it is implemented. -- tor-talk mailing list - [email protected] To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
