Redirect Whonix-Workstation Ports or Unix Domain Socket Files to Whonix-Gateway
From Whonix
Contents
Introduction[edit]
Port or unix domain socket file redirection could be useful for any future applications that expect Tor or the ControlPort to listen on any specific port or unix domain socket file that is not (yet) added to anon-ws-disable-stacked-tor build-ins or config by default, or for any other port or unix domain socket file redirections from the workstation to the gateway.
Instructions[edit]
To create a port or unix domain socket file, it is required to create and extend config file /etc/anon-ws-disable-stacked-tor.d/50_user.conf. [1]
Inside Whonix-Workstation ™.
Note: Qubes-Whonix users should use folder /etc/anon-ws-disable-stacked-tor.d rather than folder /usr/local/etc/anon-ws-disable-stacked-tor.d/ and apply this in whonix-ws-15 TemplateVM. [2]
Create folder /usr/local/etc/anon-ws-disable-stacked-tor.d/.
sudo mkdir -p /usr/local/etc/anon-ws-disable-stacked-tor.d
Open /usr/local/etc/anon-ws-disable-stacked-tor.d/50_user.conf in an editor with root rights.
This box uses lxsu for root privilege escalation and mousepad as editor. These are examples. Other tools could archive the same goal too. If these example tools do not work for you or if you are not using Whonix, please press on Expand on the right side.
The easiest would be to install these example tools lxsu mousepad so you can keep copying and pasting these instructions.
Update the package lists.
sudo apt-get update
Upgrade the system.
sudo apt-get dist-upgrade
Install the --no-install-recommends lxsu mousepad package.
sudo apt-get install --no-install-recommends lxsu mousepad
The procedure is complete.
Alternatively you could also use other tools which may already be installed by default.
gksudo gedit /usr/local/etc/anon-ws-disable-stacked-tor.d/50_user.conf
sudoedit /usr/local/etc/anon-ws-disable-stacked-tor.d/50_user.conf
If you are using a graphical Whonix or Qubes-Whonix ™ with XFCE, run.
lxsu mousepad /usr/local/etc/anon-ws-disable-stacked-tor.d/50_user.conf
If you are using a terminal-only Whonix, run.
sudo nano /usr/local/etc/anon-ws-disable-stacked-tor.d/50_user.conf
Then either add a port redirection.
For example to redirect Whonix-Workstation ™ port 9100 to Whonix-Gateway ™ port 9050. Note: adjust the port numbers for your needs.
file_port_tuples+=" port#9100:9050 "
Or create a unix domain socket file /var/run/anon-ws-disable-stacked-tor/unix-domain-socket-file.sock and have it forwarded to Whonix-Gateway ™ port 9050.
file_port_tuples+=" /var/run/anon-ws-disable-stacked-tor/unix-domain-socket-file.sock#9050 "
Save.
Run the systemd-socket-proxyd systemd-unit-files-generator. [3]
sudo /usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generator
The process of creating a redirection is now complete.
Testing[edit]
To test /var/run/anon-ws-disable-stacked-tor/unix-domain-socket-file.sock, you could use:
socat - UNIX-CONNECT:/var/run/anon-ws-disable-stacked-tor/unix-domain-socket-file.sock
Then type:
GET
Then press <enter>.
The expected reply includes Tor is not an HTTP Proxy.
Footnotes[edit]
- ↑ https://github.com/Whonix/anon-ws-disable-stacked-tor/blob/master/etc/anon-ws-disable-stacked-tor.d/30_anon-dist.conf
- ↑
The missing Qubes-Whonix feature is that
/usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generatordoesn't run at boot time and that files generated by/usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generatordon't persist after reboot of a TemplateBasedVM. - ↑ https://github.com/Whonix/anon-ws-disable-stacked-tor/blob/master/usr/lib/anon-ws-disable-stacked-tor/systemd-unit-files-generator
No comments for now due to spam. Use Whonix forums instead.
Have you contributed to Whonix ™? If so, feel free to add your name and highlight what you did on the Whonix authorship page.
Follow: Twitter | Facebook | gab.ai | Stay Tuned | Whonix News
This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.
Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)
Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.
Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.
By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.