Firejail: Difference between revisions
imported>Onny mNo edit summary |
imported>Onny Simplify tor instructions |
Line 69: | Line 69: | ||
}; | }; | ||
networking | networking = { | ||
interfaces = []; | bridges."tornet".interfaces = []; | ||
interfaces.tornet.ipv4.addresses = [{ | |||
address = "10.100.100.1"; | |||
prefixLength = 24; | |||
}]; | |||
firewall = { | |||
enable = true; | |||
interfaces.tornet = { | |||
allowedTCPPorts = [ 9040 ]; | |||
allowedUDPPorts = [ 5353 ]; | |||
}; | |||
extraCommands = '' | |||
iptables -t nat -A PREROUTING -i tornet -p udp -m udp --dport 53 -j DNAT --to-destination 127.0.0.1:5353 | |||
iptables -t nat -A PREROUTING -i tornet -p tcp -j DNAT --to-destination 127.0.0.1:9040 | |||
''; | |||
}; | |||
}; | }; | ||
boot.kernel.sysctl = { | boot.kernel.sysctl = { | ||
"net.ipv4.conf.tornet.route_localnet" = 1; | "net.ipv4.conf.tornet.route_localnet" = 1; | ||
}; | }; | ||
</syntaxhighlight> | </syntaxhighlight> |
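Review bot: The `"net.ipv4.conf.tornet.route_localnet" = 1;` line kept at the end of this hunk has no comment on what it exposes: it is needed for the DNAT to 127.0.0.1, but it also makes loopback-bound services on the host reachable from `tornet`, so the per-interface port list (`allowedTCPPorts = [ 9040 ]`, `allowedUDPPorts = [ 5353 ]`) is what keeps sandboxed programs off everything else. The rendered columns do not show reliably which revision the address, firewall and DNAT lines belong to; if this revision removes them, the page should state what now provides the redirect and the filtering. Where the rules are kept, note that only TCP and UDP port 53 are redirected, so other UDP, ICMP and any IPv6 on the bridge are not carried by Tor and are better dropped explicitly than left to the host's forwarding settings. I would add a comment above the sysctl such as `# needed for DNAT to 127.0.0.1; keep tornet limited to ports 9040 and 5353`. The enclosing Nix block starts before line 69, outside the hunk.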