[Freedombox-discuss] Firewall for FreedomBox

[james.valleroy@gmail.com (James Valleroy)]

On Sun, Apr 27, 2014 at 11:30 AM, Sunil Mohan <sunil at medhas.org> wrote:
> I have worked on masquerade support using firewalld. We can now get rid
> of the proxy script. I have also introduced support for 'zone' based
> configuration from Plinth. The two corresponding merge requests are here:
>
> https://github.com/NickDaly/Plinth/pull/74
>
> https://github.com/SunilMohanAdapa/freedombox-setup/commits/firewall2
>
> I think there is one last remaining item for firewall setup: configure a
> random (but later known) port for obfsproxy so that firewall can enable
> the port.

Is it possible to get the port from /var/lib/tor/state (as we do in
the testsuite), and use that to configure the firewall?

Otherwise, if it's really necessary for us to pick a random port
ourselves, we should probably do that in first-run instead of setup.