Firejail: Difference between revisions
imported>Onny Add Tor routing example |
imported>Onny mNo edit summary |
Line 55: | Line 55: | ||
<syntaxhighlight lang="nix"> | <syntaxhighlight lang="nix"> | ||
tor = { | services.tor = { | ||
enable = true; | enable = true; | ||
openFirewall = true; | openFirewall = true; | ||
Line 72: | Line 72: | ||
prefixLength = 24; | prefixLength = 24; | ||
}]; | }]; | ||
boot.kernel.sysctl = { | |||
"net.ipv4.conf.tornet.route_localnet" = 1; | |||
}; | |||
networking.firewall.extraCommands = '' | |||
iptables -t nat -A PREROUTING -i tornet -p udp -m udp --dport 53 -j DNAT --to-destination 127.0.0.1:5353 | |||
iptables -t nat -A PREROUTING -i tornet -p tcp -j DNAT --to-destination 127.0.0.1:9040 | |||
iptables -A INPUT -i tornet -p tcp --dport 9040 -j ACCEPT | |||
iptables -A INPUT -i tornet -p udp --dport 5353 -j ACCEPT | |||
''; | |||
</syntaxhighlight> | </syntaxhighlight> | ||
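Review bot: The two DNAT rules in `networking.firewall.extraCommands` redirect only TCP and UDP port 53 arriving on `tornet`, so any other UDP, ICMP or IPv6 traffic from the sandbox is neither sent to Tor nor dropped by anything in this hunk; whether it can leave the host outside Tor depends on forwarding and firewall settings that are not shown. `net.ipv4.conf.tornet.route_localnet = 1` is what lets the DNAT to 127.0.0.1 work, but it also makes loopback addresses a valid destination for packets from the bridge, so the two `INPUT` accepts for 9040 and 5353 should be the only loopback ports reachable from `tornet`. I would say so in the example with a comment such as `# Only TCP and DNS are redirected into Tor; everything else from tornet must be dropped, not forwarded` above the rules, and add an explicit `iptables -A FORWARD -i tornet -j DROP`. The rules are also appended with `-A` to built-in chains, and as far as I know `extraCommands` is re-run on each firewall reload, so matching `-D` lines in `networking.firewall.extraStopCommands` would keep duplicates from piling up. The column markers are lost in this rendering, so this assumes the sysctl and `extraCommands` lines are on the new side of the revision.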