How do I redirect ALL TCP traffic using NAT rule?
Hi Everyone!
I am attempting to set up pfSense as a transparent Tor proxy but am running into some issues that I wouldn't have thought should have been issues. What I have working now is that Tor is running on my pfSense box with TCP 80/443 and TCP/UDP 53 being transparently redirected to the Tor daemon (port 9040).
What I would like to move to is all TCP gets redirected to the Tor daemon. However, it appears the web GUI requires that you give a destination port range AND that range gets mapped to a range starting at your redirect port (e.g. redirecting ports 80-100 causes those ports to get mapped to 9040-9060). This clearly doesn't work for me since I want the whole range mapped to a single port. Admittedly I'm a complete noob when it comes to FreeBSD firewall rule syntax but the Tor transparent proxy documentation makes this look like it should be doable.
I guess this all boils down to two questions:
- Can I use the GUI to make the firewall rule(s) that I want?
- If I can't, what commands can I run from my Tor start/stop script to insert the rules dynamically?
Thank you in advance for any help!
P.S. - If it matters, I only want the redirect to kick in for a certain source subnet like 192.168.100.0/24.