User Tools

Site Tools


docs:guide-user:services:tor:start

Tor

Configuration

Instructions taken from the OpenWrt forum

Tested with: OpenWrt 18.06

1. I edited the following in my network config file with vi /etc/config/network and inputted the information in the line tor

Show /etc/config/network

2. Next I configured its dhcp with

vi /etc/config/dhcp

Again notice the section for “tor”:

Show /etc/config/dhcp

3. I then created the wireless interface that will be connecting clients to the tor network and bridged to the tor interface created in step 1. Later on, I plan to create vlans for other switches and wifi repeaters to be on the same tor network interface but i digress.

vi /etc/config/wireless

Again notice the section configured under “tor” (edited to remove confidential information for security purposes).

Show /etc/config/wireless

4. Next I edited my firewall settings to accommodate the tor network

vi /etc/config/firewall

Study the tor section and forwarding rules respectively.

Show /etc/config/firewall

5. I then edited the firewall.user file that is referrenced with

vi /etc/firewall.user

I added two lines for iptables config for the wireless interface and the portnumbers tor uses:

# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.

# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.

iptables -t nat -A PREROUTING -i wlan1-2 -p udp --dport 53 -j REDIRECT --to-ports 9053
iptables -t nat -A PREROUTING -i wlan1-2 -p tcp --syn -j REDIRECT --to-ports 9040

6. I decided to download and install tor first before creating the torrc file

 opkg update; opkg install tor tor-geoip

7. Once the directory and files was created, I edited it

vi /etc/tor/torrc

Notice the areas where I removed the comments and the rest of the configurations I added to the bottom of the file.

Show /etc/tor/torrc

8. Reboot the router:

reboot now

9. Verify if the tor process is running

ps -ef | grep -i tor

Output should resemble this:

tor       4726     1  0 Jun25 ?        00:01:23 /usr/sbin/tor --runasdaemon 0
root     13093 21825  0 02:33 pts/0    00:00:00 grep -i tor

10. Similarly you can tail the log to see the following output

tail -f /tmp/log/tor

Notice Tor has successfully opened a circuit. Looks like client functionality is working.

Show tor log

11. Try connecting to the newly created tor wifi and test its connectivity with check tor https://cdn.instructables.com/FHN/5956/IK2X86XF/FHN5956IK2X86XF.LARGE.jpg

12. If you ever need to start and stop the tor service:

/etc/init.d/tor start
/etc/init.d/tor stop
/etc/init.d/tor restart

13. You can also find the process number from the ps -ef | grep -i tor and kill ### its pid number.

docs/guide-user/services/tor/start.txt · Last modified: 2019/01/15 18:06 by tmomas