Actions

Redirect Whonix-Workstation Ports or Unix Domain Socket Files to Whonix-Gateway

From Whonix


Introduction[edit]

Port or unix domain socket file redirection could be useful for any future applications that expect Tor or the ControlPort to listen on any specific port or unix domain socket file that is not (yet) added to anon-ws-disable-stacked-tor build-ins [archive] or config [archive] by default, or for any other port or unix domain socket file redirections from the workstation to the gateway.

Instructions[edit]

To create a port or unix domain socket file, it is required to create and extend config file /etc/anon-ws-disable-stacked-tor.d/50_user.conf. [1]

Inside Whonix-Workstation ™.

Note: Qubes-Whonix users should use folder /etc/anon-ws-disable-stacked-tor.d rather than folder /usr/local/etc/anon-ws-disable-stacked-tor.d/ and apply this in whonix-ws-15 TemplateVM. [2]

Create folder /usr/local/etc/anon-ws-disable-stacked-tor.d/.

sudo mkdir -p /usr/local/etc/anon-ws-disable-stacked-tor.d

Open file /usr/local/etc/anon-ws-disable-stacked-tor.d/50_user.conf in an editor with root rights.

(Qubes-Whonix ™: In TemplateVM)

This box uses sudoedit for better security [archive]. This is an example and other tools could also achieve the same goal. If this example does not work for you or if you are not using Whonix, please refer to this link.

sudoedit /usr/local/etc/anon-ws-disable-stacked-tor.d/50_user.conf

Then either add a port redirection.

For example to redirect Whonix-Workstation ™ port 9100 to Whonix-Gateway ™ port 9050. Note: adjust the port numbers for your needs.

file_port_tuples+=" port#9100:9050 "

Or create a unix domain socket file /var/run/anon-ws-disable-stacked-tor/unix-domain-socket-file.sock and have it forwarded to Whonix-Gateway ™ port 9050.

file_port_tuples+=" /var/run/anon-ws-disable-stacked-tor/unix-domain-socket-file.sock#9050 "

Save.

Run the systemd-socket-proxyd systemd-unit-files-generator. [3]

sudo /usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generator

The process of creating a redirection is now complete.

Testing[edit]

To test /var/run/anon-ws-disable-stacked-tor/unix-domain-socket-file.sock, you could use:

socat - UNIX-CONNECT:/var/run/anon-ws-disable-stacked-tor/unix-domain-socket-file.sock

Then type:

GET

Then press <enter>.

The expected reply includes Tor is not an HTTP Proxy.

Footnotes[edit]

  1. https://github.com/Whonix/anon-ws-disable-stacked-tor/blob/master/etc/anon-ws-disable-stacked-tor.d/30_anon-dist.conf [archive]
  2. The missing Qubes-Whonix feature is that /usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generator doesn't run at boot time and that files generated by /usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generator don't persist after reboot of a TemplateBasedVM.
  3. https://github.com/Whonix/anon-ws-disable-stacked-tor/blob/master/usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generator [archive]


Follow: Twitter.png Facebook.png 1280px-Gab text logo.svg.png Rss.png Matrix logo.svg.png 1024px-Telegram 2019 Logo.svg.png Discourse logo.svg

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate whonix.png

Share: Twitter | Facebook

Do you wonder why Whonix will always be free? Check out Why Whonix is Freedom Software [archive].

https [archive] | (forcing) onion [archive]

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee [archive] of the Open Invention Network [archive]. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian [archive]. Debian is a registered trademark [archive] owned by Software in the Public Interest, Inc [archive].

Whonix ™ is produced independently from the Tor® [archive] anonymity software and carries no guarantee from The Tor Project [archive] about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.