Настроил TransparentProxy, теперь хочу пускать торренты мимо tor. Что нужно добавить в nftables.conf для этого?
зы. nftables.conf сейчас выглядит так
# Verify your network interface with ip addr
define interface = enp1s0
# Verify tor uid with id -u tor
define uid = 43
table ip nat {
set unrouteables {
type ipv4_addr
flags interval
elements = { 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 0.0.0.0/8, 100.64.0.0/10, 169.254.0.0/16, 192.0.0.0/24, 192.0.2.0/24, 192.88.99.0/24, 198.18.0.0/15, 198.51.100.0/24, 203.0.113.0/24, 224.0.0.0/4, 240.0.0.0/4 }
}
chain POSTROUTING {
type nat hook postrouting priority 100; policy accept;
}
chain OUTPUT {
type nat hook output priority -100; policy accept;
meta l4proto tcp ip daddr 10.192.0.0/10 redirect to :9040
meta l4proto udp ip daddr 127.0.0.1 udp dport 53 redirect to :5353
skuid $uid return
oifname "lo" return
ip daddr @unrouteables return
meta l4proto tcp redirect to :9040
}
}
table ip filter {
set private {
type ipv4_addr
flags interval
elements = { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 127.0.0.0/8 }
}
chain INPUT {
type filter hook input priority 0; policy drop;
# Allow Local SSH connections
iifname $interface meta l4proto tcp tcp dport 22 ct state new accept
ct state established accept
iifname "lo" accept
ip saddr @private accept
}
chain FORWARD {
type filter hook forward priority 0; policy drop;
}
chain OUTPUT {
type filter hook output priority 0; policy drop;
ct state established accept
oifname $interface meta l4proto tcp skuid $uid ct state new accept
oifname "lo" accept
ip daddr @private accept
}
}
