Merge branch 'feature/torify-dns' into old-master

author: intrigeri <intrigeri@boum.org> 2012-11-11 23:12:47 +0100
committer: intrigeri <intrigeri@boum.org> 2012-11-11 23:12:47 +0100
commit: 286be43f235dc0418bac2c85d49e824f22479985 (patch)
tree: 65406bb23ba26dc1b4c25570360c317f986a745e /README
parent: e31f901dc4a40b87611871d0cd783bbcec1ba4ed (diff)
parent: 0c28fa636653f395c756f56c93f8c78fddfcee00 (diff)
download: puppet-shorewall-286be43f235dc0418bac2c85d49e824f22479985.tar.gz
puppet-shorewall-286be43f235dc0418bac2c85d49e824f22479985.tar.bz2
1 files changed, 12 insertions, 1 deletions
diff --git a/README b/README
index cb4424f..07c50f2 100644
--- a/README
+++ b/README
@@ -110,7 +110,18 @@ rejected. This is intentional: it does not make sense leaking -via DNS
 requests- network activity that would otherwise be torified. In that
 case you probably want to read proper documentation about such
 matters, enable the Tor DNS resolver and redirect DNS requests through
-it.
+it,
+
+either globally:
+
+  shorewall::rules::torify::redirect_dns_to_tor { '-': }
+
+or for specific users:
+
+  shorewall::rules::torify::redirect_dns_to_tor { ['bob', 'alice' ]: }
+
+The $tor_dns_host and $tor_dns_port variables must be set before
+these defines are setup.
 
 Example
 -------
author	intrigeri <intrigeri@boum.org>	2012-11-11 23:12:47 +0100
committer	intrigeri <intrigeri@boum.org>	2012-11-11 23:12:47 +0100
commit	286be43f235dc0418bac2c85d49e824f22479985 (patch)
tree	65406bb23ba26dc1b4c25570360c317f986a745e /README
parent	e31f901dc4a40b87611871d0cd783bbcec1ba4ed (diff)
parent	0c28fa636653f395c756f56c93f8c78fddfcee00 (diff)
download	puppet-shorewall-286be43f235dc0418bac2c85d49e824f22479985.tar.gz puppet-shorewall-286be43f235dc0418bac2c85d49e824f22479985.tar.bz2