-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
virt-manager bypass orjail network and access internet without tor #94
Comments
See Wireshark logs. Here all the VPN traffic is tunneled over Tor, |
That is happening because the virt-manager connects to libvirt daemon which is running on host network namespace. Anyway you wouldn't connect the Orjail veth interface to virt-manager, but I found some tutorials for setting up a TAP interface which routes all traffic over Tor: https://www.mike-warren.com/articles/routing-vm-traffic-through-tor.html It's not that easy, but you could give a try. |
Hi @alpominth, thank you very much for the tips. I installed Wireshark now, but I don't know how to use it, I will have to learn. Do you use orjail to launch OpenVPN? I'm doing this but I don't know if it's safe.
If I launch The Virt-Manager Daemon with orjail the connection of my virtual machine will go to the Tor Network? |
You should install Wireshark and start as root and you should double-click in the network interface to see the packets going in and out. What you should do is to see if the VPN IP is showed in the Wireshark logs, if not, you're not leaking anything. I already launched OpenVPN inside Orjail in some tests and saw the Wireshark logs, I could notice that is pretty safe as all the VPN traffic is tunneled over Tor.
You can try that, but I don't know if you could bridge a virtual ethernet (veth) interface to the virtual machine. In my tests, it doesn't work with VirtualBox, not sure about QEMU/Xen. |
I tried launch The Virt-Manager Daemon with orjail, daemon runs, but does not connect with the application. Give the following error message:
We can conclude that orjail is not for torify Virt-Manager. |
That was expected. Also, orjail is meant for anonymizing userspace programs, not entire operating systems inside a virtual machine, anonymizing VMs is far more complex. |
I started a shell with orjail and started virt-manager from it, so I created a virtual machine and started the Guest operating system. The Guest operating system is accessing the internet without Tor, I checked this by accessing the page https://check.torproject.org in the Guest operating system.
I am also using orjail to run OpenVPN and try to make the VPN Over Tor (Tor> VPN) connection, but I don't know if OpenVPN is accessing the internet through or without Tor. How can I know if my real IP is being leaked when I run OpenVPN inside orjail?
The most serious problem I found is that virt-manager software completely ignores orjail and connects to the internet without Tor.
The text was updated successfully, but these errors were encountered: