Dear anonymous people!
So the question if about anonsurf and how it is using the firewall to route traffic only through TOR.
Now as we all know TOR is using the protocol TCP, which means traffic that is not TCP can not be resolved by TOR.
Now when you use the PING command it is sending ICMP ( internet control message protocol ) packets to the desired website that you have done, now normally when using anonsurf it should not let you ping any website since ping is using ICMP and not TCP, now for me it does?
I tried to experiment a bit, so I booted off TAILS, which is also using IP-tables to redirect everything through TOR, and there I tried a ping scan and it did not let me ping a website, same goes for NMAP also with tails it did not let me do a scan. That is how I think it should work ( otherwise there is a possibility that you can leak you IP address, since TOR is not supporting ICMP nor UDP )
Now I did review the anondaemon code, and I did see that parrotsec did implement this line:
/usr/sbin/iptables -t nat -A OUTPUT -p icmp -j REDIRECT --to-ports $TOR_PORT
Now I did read on the TOR website about transparent proxy that icmp packets are not blocked because they have no owner.
quote:
“WARNING: Ping (ICMP) is not blocked because ping packets have no “owner” the rule could match against. Either accept this as a risk for possible leaks or globally block ICMP with”
Can someone inform me with this query ( I would appreciate evidence ).
Thanks,
Mister-onion.