The idea here is to have a minimal install no GUI just a few packages on the Tor proxy server, and use it as a proxy into Tor. On your client computer you will have a full GUI, and probably have installed several packages, some, which unknown to you, will have malware. This malware can be as simple as keylogging with an output beacon going out through port 53 or port 80. It will take you months of scanning your logs to even clue in to what's happening, in the mean time all of your Tor postings are correlated back to you by running the messages against a giant database of clear text key strokes.

So you close all of the ports including port 53 and port 80 to general output, you may mac address bind port 53 to a dns server (same computer as the proxy server) using the same method described with endwall.sh, as well as setup squid to mac address bind port 3128 to the squid proxy for 80,443 and close regular port 443 and port 80 output by commenting out those sections in outbound. That way general output on port 53,80,443 etc is suppressed (dropped), so that the malware beacons can't talk out.