User Tools

Site Tools




Instructions taken from the OpenWrt forum

Tested with: OpenWrt 18.06

1. I edited the following in my network config file with vi /etc/config/network and inputted the information in the line tor

Show /etc/config/network

2. Next I configured its dhcp with

vi /etc/config/dhcp

Again notice the section for “tor”:

Show /etc/config/dhcp

3. I then created the wireless interface that will be connecting clients to the tor network and bridged to the tor interface created in step 1. Later on, I plan to create vlans for other switches and wifi repeaters to be on the same tor network interface but i digress.

vi /etc/config/wireless

Again notice the section configured under “tor” (edited to remove confidential information for security purposes).

Show /etc/config/wireless

4. Next I edited my firewall settings to accommodate the tor network

vi /etc/config/firewall

Study the tor section and forwarding rules respectively.

Show /etc/config/firewall

5. I then edited the firewall.user file that is referrenced with

vi /etc/firewall.user

I added two lines for iptables config for the wireless interface and the portnumbers tor uses:

# This file is interpreted as shell script.
# Put your custom iptables rules here, they will
# be executed with each firewall (re-)start.

# Internal uci firewall chains are flushed and recreated on reload, so
# put custom rules into the root chains e.g. INPUT or FORWARD or into the
# special user chains, e.g. input_wan_rule or postrouting_lan_rule.

iptables -t nat -A PREROUTING -i wlan1-2 -p udp --dport 53 -j REDIRECT --to-ports 9053
iptables -t nat -A PREROUTING -i wlan1-2 -p tcp --syn -j REDIRECT --to-ports 9040

6. I decided to download and install tor first before creating the torrc file

 opkg update; opkg install tor tor-geoip

7. Once the directory and files was created, I edited it

vi /etc/tor/torrc

Notice the areas where I removed the comments and the rest of the configurations I added to the bottom of the file.

Show /etc/tor/torrc

8. Reboot the router:

reboot now

9. Verify if the tor process is running

ps -ef | grep -i tor

Output should resemble this:

tor       4726     1  0 Jun25 ?        00:01:23 /usr/sbin/tor --runasdaemon 0
root     13093 21825  0 02:33 pts/0    00:00:00 grep -i tor

10. Similarly you can tail the log to see the following output

tail -f /tmp/log/tor

Notice Tor has successfully opened a circuit. Looks like client functionality is working.

Show tor log

11. Try connecting to the newly created tor wifi and test its connectivity with check tor

12. If you ever need to start and stop the tor service:

/etc/init.d/tor start
/etc/init.d/tor stop
/etc/init.d/tor restart

13. You can also find the process number from the ps -ef | grep -i tor and kill ### its pid number.

docs/guide-user/services/tor/start.txt · Last modified: 2019/01/15 18:06 by tmomas