Quote:
Originally Posted by ilan1
No, I had disabled all cookies and booted using a Knoppix
live CD (i.e. a completely fresh O/S) and the site actually
was able to query a DB on the back end which proved to me
that they were able to see my IP despite the proxy.
|
okay, but i'm not sure why you had to use knoppix, though...
you mean directly or through the proxy?? cuz this kinda sounds like the proxy might be sending the X-FORWARDED-FOR header instead of omitting or spoofing it... unless you have control over the proxy i don't think you can do anything about that...
Quote:
I was thinking that maybe
I could use iptables to drop all the traffic except those
going to the proxy?
|
yes, this can be done...
Quote:
I had asked about this in another thread, but the iptables
rule just slowed my system down like crazy. I did not understand
why, probably because of timeouts?
|
well, i'm not sure... anyways, here's what your OUTPUT rules might look like if you wanted traffic to only go out to the proxy:
Code:
iptables -F OUTPUT
iptables -P OUTPUT DROP
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -p TCP -o $WAN_INTERFACE -d $PROXY_IP \
--dport $PROXY_PORT -m state --state NEW -j ACCEPT
i think you wouldn't need to use any DNS since your are using the proxy, right?? well, if you do need to be able to query your ISP's DNS servers then just append a rule for that:
Code:
iptables -A OUTPUT -p UDP -o $WAN_INTERFACE -d $DNS_IP \
--dport 53 -m state --state NEW -j ACCEPT
oh, and BTW: if you wanna see which connection attempts are being made by your box when you go into the website, just append a LOG rule to the end of the OUTPUT chain...
this way you'll know for sure if the website was indeed getting your IP by triggering a connection:
Code:
iptables -A OUTPUT -j LOG --log-prefix "OUTPUT DROP: "