Chaining www caching through Tor

Jul 06 07 6:33 am

Hi all,

I'm trying to get traffic coming from the LAN interface on my Wingate box to go through the cache module and then route through Privoxy and Tor (also running on the wingate box).

The problem I'm having is that Tor is complaining that it is being passed only the IP address and it suspects the DNS requests are leaking. As you may be aware the Privoxy/Tor system is a Socks 4a proxy where DNS lookups are put through the Tor network in addition to the actual port 80 content requests. It really defeats the purpose of using the Tor network to anonymize browser requests if the DNS lookups are out there in plain view.

I'm guessing at this point that my question is: How do I indicate to the cache module (or possibly the DNS module) that I need to chain to a Socks 4a proxy (rather than a Socks 4)? Privoxy seems to handle requests just fine when I install Privoxy and Tor on the LAN machines and "Torify" the browsers on those machines (i.e. cause them to proxy through Privoxy). My problem is how to Torify the cache module so I can force web _AND_ DNS requests through Tor using a single "choke point" for my entire LAN.

TIA

Jul 06 07 5:17 pm

Hi

WinGate does its own lookups prior to attempting connections.

This is so that:

1. you can specify policy on server IP
2. we can handle the case where name lookup fails

The WWW proxy really isn't designed to enable going through an upstream socks 4a server. Socks 4a was never really ratified as a spec either, which is why we never implemented it, and socks5 allows clients to specify a domain name to connect to.

It would be quite a re-architecture of the WWW proxy to enable it to make a SOCKS4a request without first trying to look up the DNS name. The DNS resolver can't help here either, since it sends all native requests out.

The Tor proxy, how does it connect to the Tor network do you know?

There's no VPN solution you could use? That would allow you to anonymise all traffic and protocols, not just DNS/HTTP.

Adrien
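To make the distinction Adrien draws concrete, here is an added example (not from this thread and not WinGate or Tor code) that builds the three CONNECT requests at the byte level and classifies a captured request by whether the client resolved the name itself. The IP, hostname and port are constructed sample values.

```python
import socket
import struct

# Command / address-type constants from the SOCKS4, SOCKS4a and RFC 1928 (SOCKS5) formats.
SOCKS4_CONNECT = 0x01
SOCKS5_ATYP_DOMAIN = 0x03


def socks4_connect(ip: str, port: int, user: str = "") -> bytes:
    """SOCKS4: the request carries a dotted IP, so the client must resolve the
    name locally first. That local lookup is the DNS leak Tor warns about."""
    return (struct.pack("!BBH", 4, SOCKS4_CONNECT, port)
            + socket.inet_aton(ip) + user.encode() + b"\x00")


def socks4a_connect(hostname: str, port: int, user: str = "") -> bytes:
    """SOCKS4a: an IP of 0.0.0.x (x != 0) tells the proxy to resolve the
    NUL-terminated hostname appended after the user id; no local lookup."""
    return (struct.pack("!BBH", 4, SOCKS4_CONNECT, port)
            + bytes([0, 0, 0, 1]) + user.encode() + b"\x00"
            + hostname.encode() + b"\x00")


def socks5_connect(hostname: str, port: int) -> bytes:
    """SOCKS5 CONNECT with ATYP=0x03: a length-prefixed domain name that the
    proxy resolves. (The method negotiation that precedes it is omitted.)"""
    name = hostname.encode()
    return (struct.pack("!BBBB", 5, 1, 0, SOCKS5_ATYP_DOMAIN)
            + bytes([len(name)]) + name + struct.pack("!H", port))


def resolves_remotely(request: bytes) -> bool:
    """Classify a CONNECT request: True if the proxy is asked to resolve a
    name, False if the client already supplied an IP (a leaked lookup)."""
    version = request[0]
    if version == 4:
        ip = request[4:8]
        return ip[:3] == b"\x00\x00\x00" and ip[3] != 0
    if version == 5:
        return request[3] == SOCKS5_ATYP_DOMAIN
    raise ValueError("unknown SOCKS version %d" % version)
```

A SOCKS4 client such as the WWW proxy described above can only ever produce the first form, which is why the upstream Tor node sees bare IPs.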

Jul 08 07 3:51 am

Thanks for the reply adrien,

The Tor proxy, how does it connect to the Tor network do you know?


I'm fairly new to Tor but the windows install "bundle" contains Privoxy, Vidalia (a Tor module GUI) and the Tor program itself. The whole idea of Privoxy is that it provides the proxy interface into the local Tor module. As far as the communication leaving a "Torified" LAN machine, all I know is what I see in the firewall logs - an initial series of outbound TCP connections to a fixed IP's port 9030 and then a couple of outbound TCP connections to what appears to be one of several possible IPs on 443 when the machine boots up. After that activity Vidalia reports Tor has established a circuit and the client seems to be valid.

From there browsing with IE (with the "auto detect proxy settings" checked under Internet Options - Connections - LAN settings) or Firefox (with a special "Tor Button" addon) produces outgoing TCP connections just like you'd normally see (i.e. doing DNS UDP and content TCP connections) except they are all TCP and to various IP-port combos (i.e. network entry nodes).


Anyway, I've made some progress but no success, I'm hoping someone can help with my workaround here.

I've installed an open source program called dns-proxy-tor on the WinGate box which I've set to bind to localhost port 53. This program is specifically designed for Torifying applications that leak DNS lookups. When I change the preferred DNS in the external NIC's local area connection definition from auto to localhost and turn off the DNS service in GateKeeper (or simply remove the binding to localhost), I get DNS lookups through Tor from a browser on the WinGate box just fine. (I can tell by the delay in the lookup and by the fact that when I turn off the Tor module the DNS lookups fail.) When I turn on the DNS service in GateKeeper (with the bindings set to include localhost), lookups fail.

With the LAN machines I've always had the local area connection NIC definitions give each machine an IP with the gateway and preferred DNS pointing to the WinGate box. When I enable the DNS server in GateKeeper I see the UDP port 53 interaction to and from the WinGate box but, like using the browser directly on the WinGate machine, the DNS lookups fail.

When I change the WinGate box's external NIC's preferred DNS back to auto (rather than localhost) I get DNS success (i.e. leaking through my ISP's DNS servers) and the proxy and cache work great to socks4 proxy the port 80 content requests through Tor (I can tell by whatismyip reporting the exit node's IP instead of mine), but the Tor logs warn it is getting IPs instead of URLs and suspects DNS leaks. Now if I could just get both DNS and content lookups going through the Tor network at the same time.

I would be perfectly happy to leave the WinGate DNS server out of the picture, but how do I specify that I want the LAN machines to get their DNS lookups from the WinGate box's preferred DNS when it's set to localhost (i.e. the dns-proxy-tor service)? I've tried specifying localhost as the preferred DNS in the WinGate box's internal NIC's local area connection definition but that doesn't make any difference. What I do notice is that the WinGate DNS service lookups fail very quickly, and I wonder if maybe the problem is that the WinGate DNS service doesn't wait the few seconds it takes to do a lookup via dns-proxy-tor. I'm also wondering if binding the WinGate DNS server to localhost is clobbering dns-proxy-tor's connection on 53. I can bind dns-proxy-tor to another localhost port, but I didn't see where I can change the WinGate DNS module to do DNS lookups at the external NIC's preferred DNS but at a port other than 53.


Suggestions?

TIA