Tor client + eth0 & eth1

Hi team!
Little question:
I’m running a FreeBSD VM with 2 interfaces:

  • eth0 = 172.16.0.10
  • eth1 = 10.200.200.200
I have installed security/tor, and now I want tor to only listen on my eth0 network interface and not eth1.

What’s the best way?
1.

#Specify the address to listen on for the SocksPort 
SocksPort 172.16.0.10:9050
#Specify the address to listen on for the ControlPort
ControlPort 172.16.0.100:9051

OR
2.

#Reject the interface I don't want
SOCKSPolicy reject 10.200.200.200

thx!

As far as I know, if you only want tor to use your eth0, you have to specify its IP in the torrc for the following options:

Address
ORPort
DirPort
OutboundBindAddress
SocksPort
ControlPort

But you should read Tor Project: manual and see if for your specific usage other options might be handy. Especially the SOCKS section should be in your focus.

SocksPort and ControlPort usually are bound to localhost and you should only change this if you know what you are doing.

To your question, you can combine 1. and 2. - this will bind SocksPort and ControlPort to your eth0 IP and SOCKSPolicy will disallow the eth1 IP to use the SocksPort, but others will be allowed (e.g. 10.200.200.201).

You may also search this forum for SOCKSPolicy; there have already been multiple discussions for different scenarios, and maybe one fits yours.

Thx! I will do some research on SOCKSPolicy.

Is it dangerous (for anonymity and/or security) to put a private IP (behind my NAT) on SocksPort and ControlPort?

SocksPort and ControlPort connections are unencrypted, and SocksPort is also always unauthenticated; ControlPort is too if you do not configure it to use authentication.

So anyone on your network can use SOCKS and anyone who can intercept traffic can see what connections are used via SOCKS.

So if you are the only one on the network and it stays like that, it might be fine. Otherwise think about it for a moment or two :wink:

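Added example (not part of the thread and not Tor's own code): a small Python audit of a torrc for the exposure described in the last reply. It flags SocksPort/ControlPort listeners on non-loopback addresses, flags a network-reachable ControlPort when neither CookieAuthentication nor HashedControlPassword is set, and evaluates SocksPolicy first-match for a client address. The sample torrc is constructed from options 1 and 2 above with the ControlPort on the eth0 address; only `[address:]port` listeners and address/CIDR policy entries are handled.

```python
import ipaddress

# Constructed sample: the thread's options 1 and 2 combined, with the
# ControlPort bound to eth0 (172.16.0.10) and no authentication configured.
SAMPLE_TORRC = """\
SocksPort 172.16.0.10:9050
ControlPort 172.16.0.10:9051
SOCKSPolicy reject 10.200.200.200
"""

def parse(text):
    """Return (option, value) pairs; option names are lower-cased."""
    pairs = []
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split(None, 1)
        if parts:
            pairs.append((parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""))
    return pairs

def socks_allowed(pairs, client):
    """First matching SocksPolicy entry wins; unmatched clients are accepted."""
    ip = ipaddress.ip_address(client)
    for key, value in pairs:
        if key != "sockspolicy":
            continue
        for entry in value.split(","):
            action, _, pattern = entry.strip().partition(" ")
            net = "0.0.0.0/0" if pattern.strip() == "*" else pattern.strip()
            if ip in ipaddress.ip_network(net, strict=False):
                return action.lower() == "accept"
    return True

def audit(text):
    """List findings for listeners that are reachable from the network."""
    pairs, findings = parse(text), []
    has_auth = any(k == "hashedcontrolpassword" or
                   (k == "cookieauthentication" and v == "1") for k, v in pairs)
    for key, value in pairs:
        if key not in ("socksport", "controlport") or not value or value.startswith("unix:"):
            continue
        host, sep, _ = value.split()[0].rpartition(":")
        # A bare port (no address part) is treated as bound to localhost.
        bind = ipaddress.ip_address(host.strip("[]") if sep else "127.0.0.1")
        if not bind.is_loopback:
            findings.append(f"{key} bound to non-loopback {bind}")
            if key == "controlport" and not has_auth:
                findings.append("controlport reachable without authentication")
    return findings
```

The policy check shows the point made earlier in the thread: rejecting 10.200.200.200 alone still lets any other address, such as 10.200.200.201, through.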