Robert Simmons <[email protected]> wrote:

> I am having problems setting up Tor's DNSPort using pf. In FreeBSD
> 8.x I was able to just run Tor with the "DNSPort 53" config file
> option with no problems. Now, with 9.1, when I run it with that
> option, I get a permission denied error when trying to bind port 53 on
> localhost. I assume this is from tighter reserved port restrictions:
> now you must be root.

I'm reasonably sure that this was the default for 8.x as well.
Are you sure you are using the same configuration?

> Running Tor as root is not recommended, so I'm
> trying to forward all traffic from localhost port 53 to port 9053
> where I have Tor configured to listen now.
>
> I created a second loopback like so:
> ifconfig lo1 create up 127.0.0.2
>
> I added the following two rules:
> rdr pass on lo1 inet proto udp to port domain -> 127.0.0.1 port 9053
> pass out quick route-to lo1 inet proto udp to port domain keep state
>
> The above is not working. Any suggestions?

Without knowing how it's not working and what the rest of the rules
look like, it's hard to come up with specific suggestions.

I don't need the port restrictions on my Tor-running systems
and thus just set:

net.inet.ip.portrange.reservedhigh=52

and let Tor bind to 53 directly.

Fabian
