X-Git-Url: https://git.distorted.org.uk/~mdw/firewall/blobdiff_plain/78c56de162e7d1248eeaf10061c23dec184fe0e7..20106bbbbe547861538c865ff88a9af0fbe68ad4:/vampire.m4

diff --git a/vampire.m4 b/vampire.m4
index 450bdff..13e37bd 100644
--- a/vampire.m4
+++ b/vampire.m4
@@ -72,6 +72,10 @@ run iptables -A inbound -j ACCEPT \
 	-s 172.29.198.0/24 \
 	-p tcp --destination-port $port_squid
 
+## Watch outgoing Tor usage.
+run iptables -A OUTPUT -m multiport \
+	-p tcp --source-ports $port_tor_public,$port_tor_directory
+
 ## Other interesting things.
 dnsresolver inbound
 ntpclient inbound 158.152.1.76 158.152.1.204 194.159.253.2