intrigeri:
> Hi,
>
> sajolida wrote (02 Jan 2012 16:20:19 GMT) :
>> 1. Using SSH
>
>> We should exclude local IPs from the torifying SSH configuration in
>> /etc/ssh/ssh_config. See the patch in attachment.
>
> Good idea. However, the proposed patch also disables, for connections
> to RFC1918 IPs, all kinds of protections we recently added to
> ssh_config. I commited what I believe is an improved patch to devel,
> and cherry-picked it into testing (8713d40). Untested, though.
>
>> 2. Using Iceweasel
>
>> We should add an exception to the FoxyProxy list. This could be done
>> by adding a proxy before the main Tor one that does a whitelist for
>> local IP addresses to have a direct Internet connection.
>
> Agreed. I'll do it sometime before tomorrow midday CEST unless someone
> steps up and commits to do it.
No news. So would this patch do the trick?
- --
sajolida
>From 3e5b5ff368fc4c924a6b8cc4fa732b67f58818f5 Mon Sep 17 00:00:00 2001
From: Tails developers <amnesia@???>
Date: Tue, 3 Jan 2012 21:38:55 +0100
Subject: [PATCH] Foxyproxy: do not proxy local subnets
---
.../etc/iceweasel/profile/foxyproxy.xml | 14 ++++++++++++++
1 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/config/chroot_local-includes/etc/iceweasel/profile/foxyproxy.xml b/config/chroot_local-includes/etc/iceweasel/profile/foxyproxy.xml
index 683793b..002740c 100644
--- a/config/chroot_local-includes/etc/iceweasel/profile/foxyproxy.xml
+++ b/config/chroot_local-includes/etc/iceweasel/profile/foxyproxy.xml
@@ -65,6 +65,20 @@ autoReload="false" reloadFreqMins="60" disableOnBadPAC="true" />
<manualconf host="127.0.0.1" port="4444" socksversion="5"
isSocks="false" />
</proxy>
+<proxy name="Local IP addresses" id="3038369512" notes="" enabled="true"
+mode="direct" selectedTabIndex="0" lastresort="false"
+animatedIcons="true" includeInCycle="true" color="#E60000"
+proxyDNS="true">
+<matches>
+<match enabled="true" name="local subnets"
+pattern="^https?://(?:[^:@/]+(?::[^@/]+)?@)?(?:192\.168\.\d+\.\d+|10\.\d+\.\d+\.\d+|172\.(?:1[6789]|2[0-9]|3[01])\.\d+\.\d+)(?::\d+)?/.*"
+isRegEx="true" isBlackList="false" isMultiLine="false"
+caseSensitive="false"/>
+</matches>
+<autoconf url="" loadNotification="true" errorNotification="true"
+autoReload="false" reloadFreqMins="60" disableOnBadPAC="true"/>
+<manualconf host="" port="" socksversion="5" isSocks="false"/>
+</proxy>
<proxy name="Tor http(s)" id="4274466714" notes="" enabled="true"
mode="manual" selectedTabIndex="0" lastresort="false"
animatedIcons="true" includeInCycle="true" color="#339900"
--
1.7.7.3