Man page - whonix-workstation-firewall(8)
Packages contas this manual
Package: whonix-firewall
apt-get install whonix-firewall
apt-get install whonix-firewall
Manuals in package:
Documentations in package:
Manual
| WHONIX_FIREWALL(8) | whonix-firewall Manual | WHONIX_FIREWALL(8) |
NAME
whonix_firewall - Whonix Firewall
SYNOPSIS
whonix_firewall
DESCRIPTION
Gets autostarted by default. Only useful to start manually, if you changed settings in /etc/whonix_firewall.d/ configuration folder and did not restart.
RETURN VALUES
0 Success
1 Error
EXAMPLE
sudo whonix_firewall
WHONIX-WORKSTATION FIREWALL DESIGN NOTES
- ○
- Whonix-Gateways Firewall is responsible for routing all traffic over Tor.
- ○
- Whonix-Workstation Firewall is much less important than the Whonix-Gateway Firewall.
- ○
- Staying anonymous, is by Whonix design, not dependent on Whonix-Workstations Firewall. You could drop this firewall at all and were still anonymous. This was always and will always be that way for all Whonix versions.
- ○
- Whonix-Workstation Firewall script provides only damage limitation.
- ○
- Some additional security.
- ○
- For example, if Tor on Whonix-Gateway were compromised through a zero day exploit, it were harder to attack Whonix-Workstation, which might contain confidential data.
- ○
- When using multiple Whonix-Workstations on Non-Qubes-Whonix, this offers some protection from attacks from compromised other Whonix-Workstations, see https://www.whonix.org/wiki/Multiple_Whonix-Workstations for details.
- ○
- Whonix-Workstation Firewall might also enhance the connectivity of certain custom installed applications, because it rejects traffic, which is not supported by Tor so or so, such as UDP and ICMP. For example, ping will fail instantly (reject), instant of waiting for a timeout (drop).
WWW
https://www.whonix.org
AUTHOR
This man page has been written by Patrick Schleizer (adrelanos@whonix.org).
| January 2020 | whonix-firewall |