mirror of
https://github.com/ChronosX88/psyced.git
synced 2024-12-05 00:22:19 +00:00
routing .onion into tor using the unbound.conf
This commit is contained in:
parent
8fc74212f6
commit
ec6ccbfc4f
@ -376,7 +376,7 @@ X
|
||||
$torify = "torsocks";
|
||||
say "Enabling PSYC federation over Tor: Using "
|
||||
. "torsocks wrapper around psyced.\n";
|
||||
say "Warning: It will probably not function.\n"
|
||||
say "Warning: Maybe, if you install unbound.conf, it actually works.\n"
|
||||
}
|
||||
}
|
||||
## ldmud bug number two
|
||||
@ -617,6 +617,8 @@ test -x $base/bin/psyced || exit 0
|
||||
case "\$1" in
|
||||
start)
|
||||
echo -n "Starting psyced in background ... "
|
||||
# route .onion addresses through Tor
|
||||
iptables -t nat -A OUTPUT -p tcp -d 127.192.0.0/10 -j REDIRECT --to-ports 9040
|
||||
# in nei's environment a zsh would be started to execute the
|
||||
# psyced script. so he suggests to add a -s parameter. in our
|
||||
# environment both strategies work.
|
||||
@ -688,7 +690,10 @@ X
|
||||
|
||||
ControlSocket $base/var/tor/.control
|
||||
DataDirectory $base/var/tor
|
||||
TransPort 9040
|
||||
SocksPort 9050
|
||||
DNSPort 9053
|
||||
AutomapHostsOnResolve 1
|
||||
|
||||
HiddenServiceDir $base/etc/tor/.onion
|
||||
X
|
||||
@ -703,7 +708,6 @@ X
|
||||
#ControlPort 9051
|
||||
#Log notice stdout
|
||||
#DirReqStatistics 0
|
||||
#DNSPort 127.0.0.1:5353
|
||||
#SafeSocks 1
|
||||
X
|
||||
print O <<X if $c{_optional_tor_nodes_entry};
|
||||
|
18
tor/unbound.conf
Normal file
18
tor/unbound.conf
Normal file
@ -0,0 +1,18 @@
|
||||
# tell a localhost "unbound" DNS server to
|
||||
# forward .onion requests into Tor
|
||||
# courtesy of tg of secushare.org
|
||||
#
|
||||
# see the unbound.conf(5) man page for more.
|
||||
|
||||
server:
|
||||
# The following line will configure unbound to perform cryptographic
|
||||
# DNSSEC validation using the root trust anchor.
|
||||
auto-trust-anchor-file: "/var/lib/unbound/root.key"
|
||||
do-not-query-localhost: no
|
||||
harden-dnssec-stripped: no
|
||||
private-domain: "onion"
|
||||
|
||||
forward-zone:
|
||||
name: "onion"
|
||||
forward-addr: 127.0.0.1@9053
|
||||
forward-first: no
|
Loading…
Reference in New Issue
Block a user