DaemonForums  

  #1   (View Single Post)  
Old 2 Weeks Ago
bsdbsdbsd1 bsdbsdbsd1 is offline
Port Guard
 
Join Date: Nov 2024
Posts: 13
PF Tor Traffic

My Firewall setup is the following:
Code:
block all
pass out all
My Firewall (PF) is blocking out Tor traffic but not all other outgoing traffic. I need help writing a rule helping Tor traffic pass. I think this is strange since all outgoing traffic is allowed to pass (pass out all).

Last edited by bsdbsdbsd1; 2 Weeks Ago at 04:52 PM.
  #2   (View Single Post)  
Old 2 Weeks Ago
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 8,052

BitTorrent is a peer-to-peer protocol. If you wish to have your BitTorrent software function as a peer, you must configure the system running BitTorrent and any gateway routers to permit this incoming traffic to your selected TCP or UDP port number. You must also pass responding, outgoing traffic.

Your chosen BitTorrent software should have a mechanism for you to specify your chosen UDP and TCP port number, so that the software can advertise it to other peers and trackers.


---

Edited to add: If your OpenBSD system is connected to the Internet through a gateway router, you will need to add a single pass rule to accept any incoming traffic that is destined to your selected destination port number, such as:
Quote:
pass in proto {udp tcp} from any to (self) port 54321
You will need to provision that gateway router to forward that port on your local network.

Last edited by jggimi; 2 Weeks Ago at 10:53 PM.
  #3   (View Single Post)  
Old 2 Weeks Ago
bsdbsdbsd1 bsdbsdbsd1 is offline
Port Guard
 
Join Date: Nov 2024
Posts: 13

Thank you for the torrent guide.
  #4   (View Single Post)  
Old 2 Weeks Ago
flatdog flatdog is offline
New User
 
Join Date: Jul 2024
Location: Romania
Posts: 3

Quote:
Originally Posted by jggimi View Post
BitTorrent is a peer-to-peer protocol. If you wish to have your BitTorrent software function as a peer, you must configure the system running BitTorrent and any gateway routers to permit this incoming traffic to your selected TCP or UDP port number. You must also pass responding, outgoing traffic.

Your chosen BitTorrent software should have a mechanism for you to specify your chosen UDP and TCP port number, so that the software can advertise it to other peers and trackers.


---

Edited to add: If your OpenBSD system is connected to the Internet through a gateway router, you will need to add a single pass rule to accept any incoming traffic that is destined to your selected destination port number, such as:
You will need to provision that gateway router to forward that port on your local network.
Tor (the onion routing) and bittorrent are two different beasts.
  #5   (View Single Post)  
Old 2 Weeks Ago
flatdog flatdog is offline
New User
 
Join Date: Jul 2024
Location: Romania
Posts: 3

I've found this, posted back in 2021, I believe it should work today. Haven't tested myself, I used to block anything TOR-related, YMMV. Good luck and keep us posted.
  #6   (View Single Post)  
Old 2 Weeks Ago
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 8,052

Ah, I misread the original post from @bsdbsdbsd1. Thank you for the correction!