How to block all local outbound traffic except for Tor in Debian.

A few simple "iptables" commands can do this. Note that if you are connected over SSH, these rules will block you immediately, since the SSH server's replies are outbound traffic too. As root, enter:

# iptables -F OUTPUT
# iptables -A OUTPUT -j ACCEPT -m owner --uid-owner debian-tor
# iptables -A OUTPUT -j ACCEPT -o lo
# iptables -A OUTPUT -j ACCEPT -p udp --dport 123
# iptables -P OUTPUT DROP
# iptables -L -v

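The last command lists the rules with their packet counters, showing how many packets each rule has allowed through and how many have been dropped. Besides Tor's own traffic, the rules also allow loopback traffic and UDP port 123 (NTP).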

The only reason this is specific to Debian is the username, "debian-tor". (What user does Tor run as on other distros?) Ubuntu also uses "debian-tor". On Gentoo it is just "tor"; other non-Debian-based distros may also use this.
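
To confirm the lockdown is actually in place after a reboot or a later rule change, the OUTPUT chain can be audited against the rule set above. The script below is an added example, not part of the original page; the function names find_tor_user and audit_output are hypothetical, and it assumes the rule text is what "iptables -S OUTPUT" prints for these commands (the owner match is shown with the numeric UID).

```shell
#!/bin/sh
# Added example: audit `iptables -S OUTPUT` against the page's rule set.

# Print the first account from the candidate list that exists locally.
# Default candidates are the names given on the page:
# debian-tor (Debian, Ubuntu) and tor (Gentoo).
find_tor_user() {
    [ "$#" -gt 0 ] || set -- debian-tor tor
    for name in "$@"; do
        if id -u "$name" >/dev/null 2>&1; then
            printf '%s\n' "$name"
            return 0
        fi
    done
    return 1
}

# Read `iptables -S OUTPUT` text on stdin; $1 is the numeric UID of the
# Tor account. Prints one line per problem and returns non-zero if the
# chain is not default-DROP with only the page's three ACCEPT rules.
audit_output() {
    tor_uid=$1 policy_ok=0 owner_ok=0 bad=0
    while IFS= read -r line; do
        case $line in
            "-P OUTPUT DROP") policy_ok=1 ;;
            "-P "*|"") ;;   # any other policy is reported after the loop
            "-A OUTPUT -m owner --uid-owner $tor_uid -j ACCEPT") owner_ok=1 ;;
            "-A OUTPUT -o lo -j ACCEPT") ;;
            "-A OUTPUT -p udp -m udp --dport 123 -j ACCEPT") ;;
            *) echo "unexpected rule: $line"; bad=1 ;;
        esac
    done
    [ "$policy_ok" -eq 1 ] || { echo "OUTPUT policy is not DROP"; bad=1; }
    [ "$owner_ok" -eq 1 ] || { echo "no ACCEPT rule for uid $tor_uid"; bad=1; }
    return "$bad"
}

# Live use, as root: sh audit-output.sh --live
if [ "${1:-}" = "--live" ]; then
    user=$(find_tor_user) || { echo "no Tor account found"; exit 1; }
    iptables -S OUTPUT | audit_output "$(id -u "$user")"
fi
```

A non-zero exit status means the chain has drifted from the rules on this page; each printed line names the offending rule or the missing piece.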

Last modified on Sep 20, 2011 5:03:58 PM