mirror of
https://github.com/ChronosX88/psyced.git
synced 2024-11-09 20:11:00 +00:00
routing .onion into tor using the unbound.conf
This commit is contained in:
parent
8fc74212f6
commit
ec6ccbfc4f
@ -376,7 +376,7 @@ X
|
|||||||
$torify = "torsocks";
|
$torify = "torsocks";
|
||||||
say "Enabling PSYC federation over Tor: Using "
|
say "Enabling PSYC federation over Tor: Using "
|
||||||
. "torsocks wrapper around psyced.\n";
|
. "torsocks wrapper around psyced.\n";
|
||||||
say "Warning: It will probably not function.\n"
|
say "Warning: Maybe, if you install unbound.conf, it actually works.\n"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
## ldmud bug number two
|
## ldmud bug number two
|
||||||
@ -617,6 +617,8 @@ test -x $base/bin/psyced || exit 0
|
|||||||
case "\$1" in
|
case "\$1" in
|
||||||
start)
|
start)
|
||||||
echo -n "Starting psyced in background ... "
|
echo -n "Starting psyced in background ... "
|
||||||
|
# route .onion addresses through Tor
|
||||||
|
iptables -t nat -A OUTPUT -p tcp -d 127.192.0.0/10 -j REDIRECT --to-ports 9040
|
||||||
# in nei's environment a zsh would be started to execute the
|
# in nei's environment a zsh would be started to execute the
|
||||||
# psyced script. so he suggests to add a -s parameter. in our
|
# psyced script. so he suggests to add a -s parameter. in our
|
||||||
# environment both strategies work.
|
# environment both strategies work.
|
||||||
@ -688,7 +690,10 @@ X
|
|||||||
|
|
||||||
ControlSocket $base/var/tor/.control
|
ControlSocket $base/var/tor/.control
|
||||||
DataDirectory $base/var/tor
|
DataDirectory $base/var/tor
|
||||||
|
TransPort 9040
|
||||||
SocksPort 9050
|
SocksPort 9050
|
||||||
|
DNSPort 9053
|
||||||
|
AutomapHostsOnResolve 1
|
||||||
|
|
||||||
HiddenServiceDir $base/etc/tor/.onion
|
HiddenServiceDir $base/etc/tor/.onion
|
||||||
X
|
X
|
||||||
@ -703,7 +708,6 @@ X
|
|||||||
#ControlPort 9051
|
#ControlPort 9051
|
||||||
#Log notice stdout
|
#Log notice stdout
|
||||||
#DirReqStatistics 0
|
#DirReqStatistics 0
|
||||||
#DNSPort 127.0.0.1:5353
|
|
||||||
#SafeSocks 1
|
#SafeSocks 1
|
||||||
X
|
X
|
||||||
print O <<X if $c{_optional_tor_nodes_entry};
|
print O <<X if $c{_optional_tor_nodes_entry};
|
||||||
|
18
tor/unbound.conf
Normal file
18
tor/unbound.conf
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
# tell a localhost "unbound" DNS server to
|
||||||
|
# forward .onion requests into Tor
|
||||||
|
# courtesy of tg of secushare.org
|
||||||
|
#
|
||||||
|
# see the unbound.conf(5) man page for more.
|
||||||
|
|
||||||
|
server:
|
||||||
|
# The following line will configure unbound to perform cryptographic
|
||||||
|
# DNSSEC validation using the root trust anchor.
|
||||||
|
auto-trust-anchor-file: "/var/lib/unbound/root.key"
|
||||||
|
do-not-query-localhost: no
|
||||||
|
harden-dnssec-stripped: no
|
||||||
|
private-domain: "onion"
|
||||||
|
|
||||||
|
forward-zone:
|
||||||
|
name: "onion"
|
||||||
|
forward-addr: 127.0.0.1@9053
|
||||||
|
forward-first: no
|
Loading…
Reference in New Issue
Block a user