Clarified and Split Apart Environment Variables that alter port binding behaviour. #47
Loading…
Reference in New Issue
No description provided.
Delete Branch "whonix"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
@ -272,2 +272,3 @@
var err error
if bineWhonix := os.Getenv("BINE_WHONIX"); strings.ToLower(bineWhonix) == "true" {
if cwtchRestrictPorts := os.Getenv("CWTCH_RESTRICT_PORTS"); strings.ToLower(cwtchRestrictPorts) == "true" {
from the docs i thought i could specify the range on the cmd line. can't we just change this to an
.exists()
check as a flag? any value means it was set?I'd rather be explicit. Someone setting this to "false" should not be surprised.
@ -274,0 +274,4 @@
if cwtchRestrictPorts := os.Getenv("CWTCH_RESTRICT_PORTS"); strings.ToLower(cwtchRestrictPorts) == "true" {
// for whonix like systems we tightly restrict possible listen...
// pick a random port between 15000 and 15378
// cwtch = 63 *77 *74* 63* 68 = 1537844616
dont understand this line
I had to pick a subrange of ports (technically we could allow these to be configurable, but the additional complexity does not seem worth it atm), and this how I arrived at the top range.
@ -274,0 +275,4 @@
// for whonix like systems we tightly restrict possible listen...
// pick a random port between 15000 and 15378
// cwtch = 63 *77 *74* 63* 68 = 1537844616
log.Infof("using restricted ports, CWTCH_RESTRICT_PORTS=true");
since its not a specified range, why not call it WHONIX_PORTS since thats what it is
there are other possible usecases for this flag e.g. any containerized OS, not just whonix.
ah ok i misunderstoond, this feature scopes cwtch to arbitrary 15000 to 15378, which isnt whonix specific, we i assume config that for whonix in a config elsewhere? it's not a whonix requirement to use those exact ports?