Jump to content

Firejail: Difference between revisions

Firejail (view source)

Revision as of 17:57, 14 November 2022

441 bytes added ,  14 November 2022
m
no edit summary
VisualWikitext
imported>Onny
(Add Tor routing example)
imported>Onny
mNo edit summary
Line 55: Line 55:


<syntaxhighlight lang="nix">
<syntaxhighlight lang="nix">
tor = {
services.tor = {
   enable = true;
   enable = true;
   openFirewall = true;
   openFirewall = true;
Line 72: Line 72:
   prefixLength = 24;
   prefixLength = 24;
}];
}];
boot.kernel.sysctl = {
  "net.ipv4.conf.tornet.route_localnet" = 1;
};
networking.firewall.extraCommands = ''
  iptables -t nat -A PREROUTING -i tornet -p udp -m udp --dport 53 -j DNAT --to-destination 127.0.0.1:5353
  iptables -t nat -A PREROUTING -i tornet -p tcp -j DNAT --to-destination 127.0.0.1:9040
  iptables -A INPUT -i tornet -p tcp --dport 9040 -j ACCEPT
  iptables -A INPUT -i tornet -p udp --dport 5353 -j ACCEPT
'';
</syntaxhighlight>
</syntaxhighlight>


Anonymous user
Retrieved from "https://wiki.nixos.org/wiki/Special:MobileDiff/10237"