Dev/Test

From Whonix
< Dev
Jump to navigation Jump to search

Curl Clearnet Connectivity Test from Whonix-Gateway[edit]

Warning: Not anonymous!

At time of writing IP 116.202.120.181 is check.torproject.org.

Using IP (116.202.120.181) rather than DNS (check.torproject.org) is requried since Whonix-Gateway does not have a global DNS resolver enabled by default for its own traffic (details on page Whonix-Gateway System DNS).

sudo -u clearnet UWT_DEV_PASSTHROUGH=1 curl --silent --tlsv1.3 --header 'Host: check.torproject.org' --insecure https://116.202.120.181

How to UnWhonix - Whonix package removal[edit]

TODO: document

How to UnWhonix - restore clearnet networking[edit]

Instructions on how to remove Whonix Tor default networking for Whonix-Gateway. After applying these instructions, Whonix-Gateway will connect to clearnet.

Warning: Not anonymous!

Qubes specific!


1) Inside sys-whonix: Unload Whonix Firewal.

2) Inside sys-whonix: Check.

sudo iptables --list

Should show.

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

3) Inside any other VM, any non-Tor VM that has functional internet: Figure out its /etc/resolv.conf settings.

cat /etc/resolv.conf

4) Inside sys-whonix: Delete /etc/resolv.conf.

sudo rm /etc/resolv.conf

5) Inside sys-whonix: Use the same settings from the non-Tor VM.

Open file /etc/resolv.conf in an editor with root rights.

Non-Qubes-Whonix

This box uses sudoedit for better security.

Qubes-Whonix

NOTE: When using Qubes-Whonix, this needs to be done inside the Template.

Others and Alternatives

  • This is just an example. Other tools could achieve the same goal.
  • If this example does not work for you or if you are not using Whonix, please refer to this link.

sudoedit /etc/resolv.conf

6) Inside sys-whonix: Deactivate all uwt wrappers globally.

The following instructions permanently deactivate all uwt wrappers and remove stream isolation for uwt-wrapped applications system-wide. Consequently, all uwt-wrapped applications revert to the default system networking configuration.

For more granular control of uwt wrapper deactivation, see: Deactivate uwt Stream Isolation Wrapper.

1. Platform specific notice:

2. Open file /etc/uwt.d/50_user.conf in an editor with root rights.

Non-Qubes-Whonix

This box uses sudoedit for better security.

Qubes-Whonix

NOTE: When using Qubes-Whonix, this needs to be done inside the Template.

Others and Alternatives

  • This is just an example. Other tools could achieve the same goal.
  • If this example does not work for you or if you are not using Whonix, please refer to this link.

sudoedit /etc/uwt.d/50_user.conf

3. Add.

uwtwrapper_global="0"

4. Save and exit.

5. Done.

7) Inside sys-whonix: Download https://check.torproject.orgarchive.org

scurl --remote-name https://check.torproject.org

Or manually run curl with these parameters. [2]

curl --tlsv1.3 --remote-name https://check.torproject.org

Open file index.html in a text editor of your choice as a regular, non-root user.

If you are using a graphical environment, run. mousepad index.html

If you are using a terminal, run. nano index.html

Should include.

Sorry. You are not using Tor.

We believe security software like Whonix needs to remain open source and independent. Would you help sustain and grow the project? Learn more about our 10 year success story and maybe DONATE!

  1. Qubes-Whonix users note: Or alternatively in App Qube.

    1. Create folder /usr/local/etc/uwt.d.

    sudo mkdir -p /usr/local/etc/uwt.d

    2. Open file /usr/local/etc/uwt.d/50_user.conf in an editor with root rights.

    Non-Qubes-Whonix

    This box uses sudoedit for better security.

    Qubes-Whonix

    NOTE: When using Qubes-Whonix, this needs to be done inside the Template.

    Others and Alternatives

    • This is just an example. Other tools could achieve the same goal.
    • If this example does not work for you or if you are not using Whonix, please refer to this link.

    sudoedit /usr/local/etc/uwt.d/50_user.conf

  2. This has the same effect as the scurl command above.