Redirect Whonix-Workstation Ports or Unix Domain Socket Files to Whonix-Gateway
From Whonix
Contents
Introduction[edit]
Port or unix domain socket file redirection could be useful for any future applications that expect Tor or the ControlPort to listen on any specific port or unix domain socket file that is not (yet) added to anon-ws-disable-stacked-tor build-ins [archive] or config [archive] by default, or for any other port or unix domain socket file redirections from the workstation to the gateway.
Instructions[edit]
To create a port or unix domain socket file, it is required to create and extend config file /etc/anon-ws-disable-stacked-tor.d/50_user.conf. [1]
Inside Whonix-Workstation ™.
Note: Qubes-Whonix users should use folder /etc/anon-ws-disable-stacked-tor.d rather than folder /usr/local/etc/anon-ws-disable-stacked-tor.d/ and apply this in whonix-ws-15 TemplateVM. [2]
Create folder /usr/local/etc/anon-ws-disable-stacked-tor.d/.
sudo mkdir -p /usr/local/etc/anon-ws-disable-stacked-tor.d
Open file /usr/local/etc/anon-ws-disable-stacked-tor.d/50_user.conf in an editor with root rights.
(Qubes-Whonix ™: In TemplateVM)
This box uses sudoedit for better security [archive]. This is an example and other tools could also achieve the same goal. If this example does not work for you or if you are not using Whonix, please refer to this link.
sudoedit /usr/local/etc/anon-ws-disable-stacked-tor.d/50_user.conf
Then either add a port redirection.
For example to redirect Whonix-Workstation ™ port 9100 to Whonix-Gateway ™ port 9050. Note: adjust the port numbers for your needs.
file_port_tuples+=" port#9100:9050 "
Or create a unix domain socket file /var/run/anon-ws-disable-stacked-tor/unix-domain-socket-file.sock and have it forwarded to Whonix-Gateway ™ port 9050.
file_port_tuples+=" /var/run/anon-ws-disable-stacked-tor/unix-domain-socket-file.sock#9050 "
Save.
Run the systemd-socket-proxyd systemd-unit-files-generator. [3]
sudo /usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generator
The process of creating a redirection is now complete.
Testing[edit]
To test /var/run/anon-ws-disable-stacked-tor/unix-domain-socket-file.sock, you could use:
socat - UNIX-CONNECT:/var/run/anon-ws-disable-stacked-tor/unix-domain-socket-file.sock
Then type:
GET
Then press <enter>.
The expected reply includes Tor is not an HTTP Proxy.
Footnotes[edit]
- ↑ https://github.com/Whonix/anon-ws-disable-stacked-tor/blob/master/etc/anon-ws-disable-stacked-tor.d/30_anon-dist.conf [archive]
- ↑
The missing Qubes-Whonix feature is that
/usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generatordoesn't run at boot time and that files generated by/usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generatordon't persist after reboot of a TemplateBasedVM. - ↑ https://github.com/Whonix/anon-ws-disable-stacked-tor/blob/master/usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generator [archive]
Whonix ™ is Supported by Evolution Host DDoS Protected VPS. Stay private and get your VPS with Bitcoin or Monero.
Do you wonder why Whonix will always be free? Check out Why Whonix is Freedom Software [archive].
https [archive] | (forcing) onion [archive]
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.
Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)
Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].
Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.
By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.