Commit 9f1d5644 authored by anonym's avatar anonym
Browse files

Use tor-controlport-filter for tor-launcher.

parent c70bfb3b
......@@ -49,7 +49,6 @@ domain ip {
# White-list access to Tor's ControlPort
daddr 127.0.0.1 proto tcp dport 9052 {
mod owner uid-owner tor-launcher ACCEPT;
# Needed by a workaround in tordate (NM's 20-time.sh hook)
# for temporarily changing Tor's logging severity.
mod owner uid-owner root ACCEPT;
......@@ -58,6 +57,7 @@ domain ip {
# White-list access to the Tor control port filter
daddr 127.0.0.1 proto tcp dport 9051 {
mod owner uid-owner amnesia ACCEPT;
mod owner uid-owner tor-launcher ACCEPT;
}
# White-list access to Tor's TransPort
......
---
- match-exe-paths:
- '/usr/local/lib/tor-browser/firefox-unconfined'
commands:
SAVECONF:
- ''
GETINFO:
- 'status/bootstrap-phase'
GETCONF:
- 'UseBridges'
- 'Bridge'
- 'Socks4Proxy'
- 'Socks5Proxy'
- 'HTTPSProxy'
SETCONF:
- 'UseBridges(=.*)?'
- 'Bridge(=.*)?'
- 'Socks4Proxy(=.*)?'
- 'Socks5Proxy(=.*)?'
- 'Socks5ProxyUsername(=.*)?'
- 'Socks5ProxyPassword(=.*)?'
- 'HTTPSProxy(=.*)?'
- 'HTTPSProxyAuthenticator(=.*)?'
- 'ReachableAddresses(=.*)?'
- 'DisableNetwork=0'
events:
- 'STATUS_CLIENT'
- 'NOTICE'
- 'WARN'
- 'ERR'
......@@ -9,7 +9,7 @@ set -e
unset TOR_CONTROL_PASSWD
unset TOR_FORCE_NET_CONFIG
export TOR_CONFIGURE_ONLY=1
export TOR_CONTROL_PORT=9052
export TOR_CONTROL_PORT=9051
export TOR_CONTROL_COOKIE_AUTH_FILE=/var/run/tor/control.authcookie
export TOR_HIDE_BROWSER_LOGO=1
if echo "$@" | grep -qw -- --force-net-config; then
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment