[tor-talk] Tor Transparent Setup
Fernando Fernández Mancera
ffernandezmancera at gmail.com
Thu Dec 28 08:33:23 UTC 2017
Hi,
Maybe you should try to use AORTA. I have been using it for a while in
networks where I need a transparent proxy and it worked fine.
There are a few instructions and troubleshooting information really useful.
Link:
https://hoevenstein.nl/aorta-a-transparent-tor-proxy-for-linux-programs
Greetings.
On 12/28/2017 01:42 AM, Jeff Newman wrote:
> I'm new to Tor (and pseudo-new to Iptables), but not a unix newbie (started
> in '88) - however, I've literally spent the last 24 hours trying to get the
> few complete and/or relevant HowTo's I could find for Tor/IPTables/CentOS to
> work - without success.
>
> I'm trying to implement a transparent proxy on a CentOS 6.5 machine that I'm
> going to use as a desktop. I don't want to use the Tor Browser, but would
> rather have then "entire" system Tor'd (I realize there are leak
> potentials). I have a static public IP I am using directly on this single
> network port machine.
>
> With a default IPTables config, and no Tor installed/configured, I can ping
> the internet and browse without issue.
>
> This tutorial:
>
> https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy#Transpare
> ntlyRoutingTrafficThroughTor
>
> My system doesn't like the Tor configuration, but the IPTables script seems
> to run correctly. After editing resolv.conf to 127.0.0.1, DNS does not
> resolve (hangs), so that appears to be a bust.
>
> I pulled the Tor config from this one:
>
> http://www.digitalarmedforces.org/index.php/8-linux/19-how-to-setup-tor-as-a
> -transparent-proxy-on-ubuntu-linux
>
> but their IPTables config doesn't seem to hold after restart. Using their
> Tor config with the previous IPTables script seems most complete (everything
> starts without failures, logs look happy), but still no DNS resolution
> (hangs).
>
> Other tutorials I've found have depreciated config options, or are for
> different Linux versions, and that seems to create problems. I did finally
> figure out that SELinux had to be uninstalled to get past some config file
> permission access issues, but other than that, every time I try to connect
> to check.torproject.org, it says "sorry" if it can resolve at all.
>
> Anyone know of a good, current set of tutorials that works? I'd really
> appreciate the help. The Tor website doesn't seem to have any examples that
> are updated, or that I can get to work or are relevant. It does seem like
> everyone is saying "it's simple, just do this" but copy/pasting their stuff
> doesn't work (I do change the machine IP in scripts as needed). And it
> really does seem like it should be simple, as there are only a couple ways
> to use it, and a couple options to set.
>
> CentOS 6.5 build (core i7, Tor yum installed, fully yum updated)
> Tor 0.2.9.12-1 (EL6)
> Iptables 1.4.7-16
>
> I also tried a CentOS 7.x build, but had no luck there either (similar
> results).
>
> Thanks.
>
> Jeff Newman
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20171228/bf98087e/attachment-0001.sig>
More information about the tor-talk
mailing list