Имеем TOR, которые установлен в LXC. На него у меня доднят тунель. При попытке зайти на onion-сайт, выходит:
Sep 06 02:42:08.000 [warn] Missing mapping for virtual address '[scrubbed]'. Refusing.
TransPort 9040
TransListenAddress 10.243.0.241
DNSPort 9050
DNSListenAddress 127.0.0.50
VirtualAddrNetwork 172.16.0.0/12
AutomapHostsSuffixes .onion,.exit
AutomapHostsOnResolve 1
root@tor:~# iptables -t nat -L -v
Chain PREROUTING (policy ACCEPT 175 packets, 11788 bytes)
pkts bytes target prot opt in out source destination
141 8460 DNAT tcp -- any any 10.243.3.0/24 !10.0.0.0/8 to:10.243.0.241:9040
0 0 DNAT udp -- any any 10.243.3.0/24 !10.0.0.0/8 udp dpt:domain to:10.243.0.241:53
Chain INPUT (policy ACCEPT 145 packets, 9471 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 21 packets, 1170 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 192 packets, 11947 bytes)
pkts bytes target prot opt in out source destination
root@tor:~# iptables -L -v
Chain INPUT (policy ACCEPT 16241 packets, 5963K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 370 packets, 86191 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP icmp -- any any 10.243.3.0/24 !10.0.0.0/8
9 1422 DROP tcp -- any any 10.243.3.0/24 !10.0.0.0/8 tcp dpt:!9040
0 0 DROP udp -- any any 10.243.3.0/24 !10.0.0.0/8
Chain OUTPUT (policy ACCEPT 15046 packets, 8992K bytes)
pkts bytes target prot opt in out source destination
