NAME

corridor - Tor traffic whitelisting gateway

SYNOPSIS

corridor-data

corridor-init-forwarding

corridor-init-logged

corridor-init-snat

corridor-load-config

corridor-load-ipset

corridor-load-ipset-logged

corridor-load-ipset-relays

corridor-stop-forwarding

corridor-stop-snat

DESCRIPTION

corridor allows only connections to Tor relays to pass through (no clearnet leaks!), but client computers are themselves responsible for torifying their own traffic. In other words, it is a filtering gateway, not a proxying gateway.

You can think of it as a fail-safe for your vanilla Tor Browser or Tails, for your beautiful scary experimental Qubes proxying schemes, etc. Or invite the hood to use your WiFi without getting into trouble.

corridor-data

Keep track of acceptable Tor relays.

corridor-data script opens a Tor control connection and subscribes to NEWCONSENSUS events (announcements listing all public relays), unless you inform it of any bridges to use instead.

corridor-data &

corridor-init-forwarding

Set up IP traffic forwarding.

corridor-init-forwarding

corridor-init-snat

Set up Source NAT with iptables.

corridor-init-snat

corridor-init-logged

Log attempted leaks from selected clients. This command will block until corridor_relays gets populated!

corridor-init-logged

corridor-load-config

Sanity test for the configuration folders. Also internally used by corridor.

corridor-load-config

corridor-stop-forwarding

corridor-stop-snat

Stop actions.

corridor-load-ipset

corridor-load-ipset-logged

corridor-load-ipset-relays

Internally used by corridor.

EXIT STATUS

0 Success.

non-zero Failure.

CONFIGURATION FOLDERS

/etc/corridor.d and /usr/local/etc/corridor.d

WWW

https://github.com/rustybird/corridor

DISCLAIMER

This package is produced independently of, and carries no guarantee from, The Tor Project.

AUTHOR

This man page has been written by Patrick Schleizer (adrelanos@whonix.org).

corridor has been written by Rusty Bird (rustybird@net-c.com).