
Iptables for Tor proxy on a raspberry with DietPi distro

I want to use my raspberry for two purposes:

  • Tor proxy
  • Email server

So, the Tor proxy is already set up and I was able to use it. I installed the Tor services on my DietPi distro, I configured the proxy in my browser (port 9050, SOCKS v5), and everything is cool. I decided to install the email server but, first, I was setting up iptables as a firewall. I was following a tutorial for the setup and I copied and pasted the rules. Anyway, even if I comment out the rules, when I set the proxy in the browser I cannot reach anything; I get a timeout. If I remove iptables (uninstall it), the proxy works again. If I run

iptables-save

this is what I got

# Generated by xtables-save v1.8.2 on Thu Dec 10 10:10:56 2020
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -d 127.0.0.0/8 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p 17 -m udp --sport 67 --dport 68 -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A INPUT -p 6 -m tcp --dport 22 -j ACCEPT
-A INPUT -p 6 -m tcp --dport 80 -j ACCEPT
-A INPUT -p 6 -m tcp --dport 443 -j ACCEPT
-A INPUT -p 1 -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -j DROP
-A FORWARD -j DROP
-A OUTPUT -j ACCEPT
COMMIT

The IP of my proxy is not present in the list, and neither is the port I am using for the Tor proxy. How can I set up the firewall correctly? Or is there another solution to approach this? Thanks in advance.

In the end it was quite a basic fix to do. What you need to do is just add these two lines to your

/etc/iptables.firewall.rules

-A INPUT  -p tcp -m tcp --dport [TOR_PROXY_PORT] -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport [TOR_PROXY_PORT] -j ACCEPT

These lines will allow data to get into your Tor proxy, and the traffic will also be able to flow out of the proxy.
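Because the ruleset in the question ends with `-A INPUT -j DROP`, an ACCEPT rule for the proxy port only takes effect if it is evaluated before that line. The following check is an added example, not part of the original post: it reads `iptables-save` output and reports whether a TCP port is actually reachable and whether the rule is limited to a source range. The function name `port_status` and the LAN range `192.168.1.0/24` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Reads iptables-save output on
# stdin and classifies the first INPUT rule that ACCEPTs TCP port $1:
#   blocked    - no such rule, so the final DROP applies
#   shadowed   - rule exists but sits after an unconditional DROP/REJECT
#   open       - rule is effective and accepts from any source
#   restricted - rule is effective and limited with -s
# Only unconditional terminal rules are modelled, not chain policies.
port_status() {
    awk -v port="$1" '
        $1 != "-A" || $2 != "INPUT" { next }
        # Unconditional terminal rule, e.g. "-A INPUT -j DROP"
        NF == 4 && $3 == "-j" && ($4 == "DROP" || $4 == "REJECT") { dropped = 1; next }
        {
            proto = dport = src = target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "--dport") dport  = $(i + 1)
                if ($i == "-s")      src    = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            if (result != "" || dport != port || target != "ACCEPT") next
            if (proto != "tcp" && proto != "6") next
            result = dropped ? "shadowed" : (src != "" ? "restricted" : "open")
        }
        END { print (result == "" ? "blocked" : result) }
    '
}

# Two rules and the final DROP taken from the ruleset in the question.
rules_head='-A INPUT -i lo -j ACCEPT
-A INPUT -p 6 -m tcp --dport 22 -j ACCEPT'
rules_drop='-A INPUT -j DROP'
# Constructed rules: 9050 is the SOCKS port from the question,
# 192.168.1.0/24 is an assumed LAN range.
tor_any='-A INPUT -p tcp -m tcp --dport 9050 -j ACCEPT'
tor_lan='-A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 9050 -j ACCEPT'

printf '%s\n' "$rules_head" "$rules_drop"            | port_status 9050
printf '%s\n' "$rules_head" "$rules_drop" "$tor_any" | port_status 9050
printf '%s\n' "$rules_head" "$tor_any" "$rules_drop" | port_status 9050
printf '%s\n' "$rules_head" "$tor_lan" "$rules_drop" | port_status 9050
# On the Pi itself (as root): iptables-save | port_status 9050
```

A result of `open` means the SOCKS port accepts connections from any address that can reach the Pi; `restricted` is the safer state when only LAN clients should use the proxy.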
