Does anyone know how TAILS accomplishes this, then? It doesn't rely on a relay like Whonix does, but I'm not a networking expert or a Linux expert, so I'm not altogether sure how it does work.
Ah, interesting, thank you. As far as point (b) goes, it seems to work pretty well: I can’t recall an occasion where I’ve had traffic blocked. (I suppose in practice not many applications use custom IP-but-not-TCP-or-UDP-based protocols.) So could that same thing not be a solution to e12e’s question?
