Restrict Ports when BINE_WHONIX is enabled.
This commit is contained in:
parent
caca121441
commit
61ced82cb4
|
@ -274,6 +274,10 @@ func (tp *torProvider) Listen(identity connectivity.PrivateKey, port int) (conne
|
||||||
if _, ferr := os.Stat("/usr/share/anon-ws-base-files/workstation"); !os.IsNotExist(ferr) {
|
if _, ferr := os.Stat("/usr/share/anon-ws-base-files/workstation"); !os.IsNotExist(ferr) {
|
||||||
localListener, err = net.Listen("tcp", "0.0.0.0:"+strconv.Itoa(localport))
|
localListener, err = net.Listen("tcp", "0.0.0.0:"+strconv.Itoa(localport))
|
||||||
}
|
}
|
||||||
|
// for whonix like systems we tightly restrict possible listen...
|
||||||
|
// pick a random port between 15300 and 15378
|
||||||
|
// cwtch = 63 *77 *74* 63* 68 = 1537844616
|
||||||
|
localport = 15300 + ((localport - 1024) % 78)
|
||||||
} else {
|
} else {
|
||||||
localListener, err = net.Listen("tcp", "127.0.0.1:"+strconv.Itoa(localport))
|
localListener, err = net.Listen("tcp", "127.0.0.1:"+strconv.Itoa(localport))
|
||||||
}
|
}
|
||||||
|
@ -298,6 +302,7 @@ func (tp *torProvider) Listen(identity connectivity.PrivateKey, port int) (conne
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
os.ID = onion
|
||||||
os.CloseLocalListenerOnClose = true
|
os.CloseLocalListenerOnClose = true
|
||||||
|
|
||||||
ols := &onionListenService{os: os, tp: tp}
|
ols := &onionListenService{os: os, tp: tp}
|
||||||
|
|
Loading…
Reference in New Issue