====== Как заблокировать Tor через netfilter (iptables) ======

Источник
  * http://mikhailian.mova.org/node/194
  * https://gist.github.com/jkullick/62695266273608a968d0d7d03a2c4185

<code>
# create a new set for individual IP addresses
ipset -N tor iphash
# get a list of Tor exit nodes that can access $YOUR_IP, skip the comments and read line by line
wget -q https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$YOUR_IP -O -|sed '/^#/d' |while read IP
do
  # add each IP address to the new set, silencing the warnings for IPs that have already been added
  ipset -q -A tor $IP
done
# filter our new set in iptables
iptables -A INPUT -m set --match-set tor src -j DROP
</code>

{{tag>iptables ipset tor}}