Dev/Port Redirection
< Dev
Install lighttpd.
sudo apt-get install lighttpd
It will by default listen on all interfaces. Check if that is true. Change IP to 10.152.152.11 for Non-Qubes-Whonix.
UWT_DEV_PASSTHROUGH=1 wget 10.137.6.41
Now make it listen on localhost only.
echo 'server.bind = "127.0.0.1"' | sudo tee -a /etc/lighttpd/lighttpd.conf
sudo service lighttpd restart
Should no longer be reachable. Try if that is true.
UWT_DEV_PASSTHROUGH=1 wget 10.137.6.41
Now try to set up a redirection from 10.137.6.41 to 127.0.0.1.
sudo sysctl -w net.ipv4.conf.all.route_localnet=1 sudo iptables -t nat -I PREROUTING -p tcp --dport 80 -j DNAT --to 127.0.0.1:80 #sudo iptables -t nat -I PREROUTING -p tcp --dport 17600:17650 -j DNAT --to 127.0.0.1:17600-17650 #sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 80 #sudo iptables -t nat -A PREROUTING -p tcp --dport 17600 -j REDIRECT --to-port 17600
See if that works now.
UWT_DEV_PASSTHROUGH=1 wget 10.137.6.41
If not, unload firewall rules and try something else.
Did you know that Whonix could provide protection against backdoors? See Verifiable Builds. Help is wanted and welcomed.
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.
Whonix is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Libre Software license as Whonix itself. (Why?)