qubes-linux-template-builder/scripts_debian/wheezy+whonix-gateway/files/usr/lib/whonix/enable-iptables-logging.sh

#!/bin/bash

# Check /var/log/kern.log for logging results

LOG_IP4=1
LOG_IP6=0

# for IPv4
if [ "$LOG_IP4" == "1" ]; then
    iptables -t raw -A OUTPUT -p icmp -j TRACE
    iptables -t raw -A PREROUTING -p icmp -j TRACE
    modprobe ipt_LOG
fi

# for IPv6
if [ "$LOG_IP6" == "1" ]; then
    ip6tables -t raw -A OUTPUT -p icmpv6 --icmpv6-type echo-request -j TRACE
    ip6tables -t raw -A OUTPUT -p icmpv6 --icmpv6-type echo-reply -j TRACE
    ip6tables -t raw -A PREROUTING -p icmpv6 --icmpv6-type echo-request -j TRACE
    ip6tables -t raw -A PREROUTING -p icmpv6 --icmpv6-type echo-reply -j TRACE
    modprobe ip6t_LOG
fi

# Redirect local port to remote via socat
#apt-get install socat
#socat TCP4-LISTEN:8082,fork,mode=0666,user=root,group=root TCP4:10.137.255.254:8082
#
# Works
# localhost/loopback maps localhost port 8082 to localhost port 8888
#iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 8082 -j REDIRECT --to-ports 8888
More whonix-gateway tweaks. It should be working now 2014-10-25 16:49:49 +00:00			`#!/bin/bash`

			`# Check /var/log/kern.log for logging results`

			`LOG_IP4=1`
			`LOG_IP6=0`

			`# for IPv4`
			`if [ "$LOG_IP4" == "1" ]; then`
			`iptables -t raw -A OUTPUT -p icmp -j TRACE`
			`iptables -t raw -A PREROUTING -p icmp -j TRACE`
			`modprobe ipt_LOG`
			`fi`

			`# for IPv6`
			`if [ "$LOG_IP6" == "1" ]; then`
			`ip6tables -t raw -A OUTPUT -p icmpv6 --icmpv6-type echo-request -j TRACE`
			`ip6tables -t raw -A OUTPUT -p icmpv6 --icmpv6-type echo-reply -j TRACE`
			`ip6tables -t raw -A PREROUTING -p icmpv6 --icmpv6-type echo-request -j TRACE`
			`ip6tables -t raw -A PREROUTING -p icmpv6 --icmpv6-type echo-reply -j TRACE`
			`modprobe ip6t_LOG`
			`fi`
Whonix setup GUI now run on first start to allow configuration Added alternate for dialag (gdialog) so some of Whonix programs run Changed sudo permissions to fix umask and not use QT shared memory Changed whonix to use basic hosts file Added detection if template is active for updating Added startup code for tinyproxy Added code to disable uwt so apt-get can be used as proxy Created a python GUI Message Alert using yaml for messages (internationalization) 2014-11-02 21:14:36 +00:00
			`# Redirect local port to remote via socat`
			`#apt-get install socat`
			`#socat TCP4-LISTEN:8082,fork,mode=0666,user=root,group=root TCP4:10.137.255.254:8082`
			`#`
			`# Works`
			`# localhost/loopback maps localhost port 8082 to localhost port 8888`
			`#iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 8082 -j REDIRECT --to-ports 8888`